Subject: Re: "Don't login as root, use the su command."
To: None <email@example.com>
From: Geoff Adams <firstname.lastname@example.org>
Date: 02/12/2000 04:44:06
On 12 Feb 2000 4:17 AM, I wrote:
> Our csh does set LOGNAME if not already set. Unfortunately, our sh does
OK, I botched this.
As it should be, /usr/bin/login sets LOGNAME, and the shells leave well
enough alone. So, everyone will always have LOGNAME set when they log in.
So root's .login and .profile can simply check to see whether "$LOGNAME"
equals "root". If it's equal to something else, the user used 'su'. Even
'su -' will work with this scheme, since it obliterates LOGNAME, leaving it
set to nothing. "" won't equal "root", so the message won't be printed.
No changes to any software needed.