On Sat, Nov 04, 2000 at 04:00:53PM +0900, itojun@iijlab.net wrote:
> 
> >> When be talk about "xterm" and its capability to write utmp records:
> >> wouldn't the right solution be to have a special purpose daemon listening
> >> on some socket in /var/run, where interested programs can send their log info
> >> to, and have things like xterm always run completely unpriviledged?
> >That can't work.  You can't run them "completely unprivileged" because you
> >can't let everyone write to utmp.
> 
> 	i have the same question.  how do the daemon authenticate the
> 	guy who asked for wtmp/utmp writes?

Actually, if we just would disable utmp recording of xterm etc, we would be
fine. I've never understood what the value of this was... either you are
logged in at console, start X11 from there, then you're registered at the
console. Or you login via xdm, then xdm has registered your session.

Single xterms shouldn't have the login session capability any more than,
say, a subshell started from your sh or csh.

But I guess many people won't follow me there.

Regards,
	Ignatios