> > If we did not need to hack /bin/login to manage the credentials
> > cache could we always use the default os /bin/login?
>
> There's still one important hurdle -- using some OS means to restrict
> access to the ccache. As far as I can see at the moment, for a Joe
> Unix system that means UID-based access or inheritance of a file
> descriptor. Somewhere between telnetd and the shell, some process is
> going to have to set up that protection. The /bin/login won't
> leave a miscellaneous fd open, so are you ready to teach telnetd
> about uids? Peek at its descendent's uid through procfs??? Brrr.
>
> Matt
>
I'm not sure that I have much of a choice.
Jeffrey Altman * Sr.Software Designer
The Kermit Project * Columbia University
612 West 115th St * New York, NY * 10025 * USA
http://www.kermit-project.org/ * kermit-support@kermit-project.org
