In message <9408120347.AA02964@matt.itd.uts.edu.au>you write: >well i had a bit of a hack around last night with 2.3 login. it seems you >can set enviroment variables with login such as > >% exec login user IFS=/ > >now of course IFS,PTAH,SHELL cant be set but others can! now of course >since login tries to read past the user name you can get login to core dump >quite easily by over feeding it like this > >% exec login user "`cat big.binary.file`" > >this will quite hapilly core dump login. We've turned off public execute permission for login. The only thing this breaks is the ability to type "login foo" and log in as foo after being logged in as somebody else. su or "rlogin localhost -l foo" are perfectly suitable alternatives. Regards, John -- John DiMarco <jdd@cdf.toronto.edu> Office: EA201B Computing Disciplines Facility Systems Manager Phone: 416-978-1928 University of Toronto Fax: 416-978-1931 http://www.cdf.toronto.edu/personal/jdd/jdd.htm