bug-sh-utils

Re: Probable bug in su:


From: Bob Proulx
Subject: Re: Probable bug in su:
Date: Tue, 28 Jan 2003 09:41:10 -0700
User-agent: Mutt/1.4i

B Uday Kumar Reddy wrote:
> I found the following issue regarding 'su' part of GNU
> sh-utils-2.0:

Thanks for the report.  But this is not a problem with su.  It is
generic system behavior.

> On a system which is a client to the NIS Server
> (running ypbind), the root user can do an su to any
> other user on the NIS without asking for the password.
> This I think should not be allowed as being root on a
> machine doesn't give you any right to switch to a user
> who is not in the local /etc/passwd file. 

The root user on a system has full permissions for all actions.
There is no way to prevent the root user from becoming another user.
Hiding it from su would not prevent root from writing this perl
script.

  perl -MPOSIX -e 'POSIX::setuid(1002); system("/bin/sh");'

Bob

-- 
Please keep follow ups on the mailing list and not to me privately
unless it is personal.



