In my response to the patch posted for bash I stated that the same functionality could be more easily achieved by removing the --noprofile option and putting the equivalent commands in /etc/profile. This claim is completely bogus, as bash will only read /etc/profile when invoked with *argv[0] == '-' or with the --login option. Many thanks to the innumerable people who reminded me of this. This does not change the main point I was trying to make, namely that getting around this "intrusion detection" technique is trivial. Niall
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:56:25 PDT