Not on a Windows host, Craig Both are zero for me on our Dev box (probably because I'm an Administrator-equivalent) And System(19) ends up with the 'bogus' @LOGNAME
System(1301) has got my actual domain login. According to a program posted here by Richard Sias, System(19) is "Unix Login" but System(1301) is 'Unknown'. Anyone care to share what 1301 actually is? There doesn't seem to be any trace of the original value of @WHO after Gerry's hack, or after an "IAM". But since "IAM" is apparently supposed to work that way, I guess we can't complain too much about that. Hope this helps Mike -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Craig Bennett Sent: Monday, 13 September 2004 13:21 To: [EMAIL PROTECTED] Subject: Re: [U2] major (?) @var security hole If you need a value that won't change, try SYSTEM(27) or SYSTEM(28). These return the operating system user Id and effective user Id. You may need to parse the /etc/passwd file to match to a login name (but your LOGIN proc could store this too, before anyone has a chance to fiddle with @ACCOUNT). Craig ------- u2-users mailing list [EMAIL PROTECTED] To unsubscribe please visit http://listserver.u2ug.org/ The information contained in this Internet Email message is intended for the addressee only and may contain privileged information, but not necessarily the official views or opinions of the New Zealand Defence Force. If you are not the intended recipient you must not use, disclose, copy or distribute this message or the information in it. If you have received this message in error, please Email or telephone the sender immediately. ------- u2-users mailing list [EMAIL PROTECTED] To unsubscribe please visit http://listserver.u2ug.org/
