If a succesful login at the console (e.g. user 'phnl')
FOLLOWS an unsuccesful one (e.g. false user name, 'Shit' in
the example), then if user phnl does a 'ps axu' one of the
entries is the following:
phnl 16792 0.1 1.5 1500 988 1 S 20:33 0:00
/bin/login -- Shit
The particular process is the succesfull login of phnl but
appears with the name 'Shit' which is the previous
It is not important of course but its is a fault. And on the
other hand it could be a 'secutity hole' for someone who
by mistake types the pass instead of username. Then everyone
could see his password simply doing a 'ps axu'!
I tried two different machines with kernels 2.0.34 and
2.0.36 both with redhat 5.1 and the result was the same.
I have been able to replicate this bug with 5.1. The failed login name
does show up in a ps -ax listing.
On the other hand I could not get this to happen using 5.2. My
suggestion would be to upgrade to 5.2.