On a unix system that is used by more than one individual, such as a shellserver, it is very easy for users to gain access to priveledged information about outher users. By running who, for instance, users can immediately see the ips of all the other connected users. The usual strategy to combat this is to change the permissions on who so it can't be run, however, this stops users from knowing who else is online, which can be inconvenient if they would like to communicate with eachother.

What I have done instead is to modify the who binary to allow users to run who, but to make it so that only users who are in the wheel group (members of wheel are allowed to su to root and are the system administrators) are allowed to see the ip addresses. To everyone who isn't in the wheel usergroup, it looks like a regular who output but without the ip addresses. This small change protects users without being an inconvience to anyone.

I only needed to modify one function in who.c to implement this, and the modified function is changed to read as follows:

	struct utmp *up;
	char buf[80];
	gid_t gidset[5];
	int i;
	int groups;
	int access=0;

	groups = getgroups(5, gidset);
	for (i=0; i<=groups-1; i++) if (gidset[i]==0) access=1;
	if getegid()==0 access=1;

	(void)printf("%-*.*s %-*.*s", UT_NAMESIZE, UT_NAMESIZE, up->ut_name,
	    UT_LINESIZE, UT_LINESIZE, up->ut_line);
	(void)strftime(buf, sizeof(buf), "%c", localtime(&up->ut_time));
	buf[sizeof(buf) - 1] = '\0';

	if (access==1)
		if (*up->ut_host)
			printf("\t(%.*s)", UT_HOSTSIZE, up->ut_host);