On a
unix system that is used by more than one individual, such as a
shellserver, it is very easy for users to gain access to
priveledged information about outher users. By running
who, for instance, users can immediately see the
ips of all the other connected users. The usual strategy to combat this is to change the
permissions on who so it can't be run, however, this stops users from knowing who else is
online, which can be inconvenient if they would like to
communicate with eachother.
What I have done instead is to modify the who binary to allow users to run who, but to make it so that only users who are in the wheel group (members of wheel are allowed to su to root and are the system administrators) are allowed to see the ip addresses. To everyone who isn't in the wheel usergroup, it looks like a regular who output but without the ip addresses. This small change protects users without being an inconvience to anyone.
I only needed to modify one function in who.c to implement this, and the modified function is changed to read as follows:
void
output(up)
struct utmp *up;
{
char buf[80];
gid_t gidset[5];
int i;
int groups;
int access=0;
groups = getgroups(5, gidset);
for (i=0; i<=groups-1; i++) if (gidset[i]==0) access=1;
if getegid()==0 access=1;
(void)printf("%-*.*s %-*.*s", UT_NAMESIZE, UT_NAMESIZE, up->ut_name,
UT_LINESIZE, UT_LINESIZE, up->ut_line);
(void)strftime(buf, sizeof(buf), "%c", localtime(&up->ut_time));
buf[sizeof(buf) - 1] = '\0';
if (access==1)
if (*up->ut_host)
printf("\t(%.*s)", UT_HOSTSIZE, up->ut_host);
(void)putchar('\n');
}