[ Please don't Cc: public replies to me. ]
Raul Miller:
> The ideal thing would be a shell script used for *all* logins, which
> kicks in before the user shell is loaded. This means changing
> login, and xdm, to use something like this:
And ssh, su, xterm, and all other programs that launch login
shells (some of them may use login, but not all do). That's many
security-sensitive programs to modify. All this just to make
it easier to slow down the login process?
/etc/profile.d and its variations would allow packages to set
up a different default environment that is `nicer' by some
definition. Is this worth the trouble of modifying the way
login works on Debian?
I hate to repeat myself, but in my humble opinion,
* all programs should work without special setup in
/etc/profile, or elsewhere, and
* a `nice' environment should not be forced upon all
users.
I don't want to sound overly negative, however. Having a good
default environment for Debian is a good goal. It should be
implemented by other means than mucking with /etc/profile. Most
programs can read a global configuration file, for example.
Also, since everyone's `nice' is different, it'd probably be
best to put the niceness stuff in separate packages, so that
people can choose.
> char*pat=". /etc/login.sh; exec -l %s";
> {
> char*buf=malloc(sizeof*pat+strlen(shell));
As a demonstration of the risk of mucking with security-sensitive
portions: your code doesn't work. Make pat an array (``char pat[]="...";'')
and use sizeof on pat, not *pat, and it might work.
(Cheap shot, sorry. I realize that the code was just to show
the idea, not intended as a real implementation.)
--
Please read <http://www.iki.fi/liw/mail-to-lasu.html> before mailing me.
Please don't Cc: me when replying to my message on a mailing list.
Attachment:
pgpMBYZC7_nrz.pgp
Description: PGP signature