> > I recently noticed that running login (no arguments) once logged in, and > providing it with your username and password would hide one from finger > requests under SunOS 4.13u1. Has anybody else noticed this, under SunOS, or > other unix variants? > David Sacerdote Yep, this has been known for years, and crops up under most UNIX's. If you choose to leave login 6755 and give users access to it, then thats the price you pay. Personally, I recommend removing the suid bit and/or making it non world executable. If people need to switch uid's they can either logout and login again, use su, or telnet localhost or rlogin localhost or whatever. -- ------------------------------------------+----------------------------------- Mailed using ELM on FreeBSD | Karl Strickland PGP 2.3a Public Key Available. | Internet: karl@bagpuss.demon.co.uk |