|Subject:||Minor bug in su shell util.|
|Date:||Wed, 22 May 2002 10:53:31 +0200|
It seems that su accepts valid password (unix) more than 8 characters. But it just reads first 8 chars and authenticates if the user name and first 8 chars of the password is a valid user account. My colleguge has detected it.
1. Valid unix usr account:
2. Bug simulation:
enter cmd su:
Enter login: <root>
Enter pwd: <passwordbuggysu>
util. su will authenticate you successfully. It is a bug, isn't it? But try to logon to a unix/linux terminal, it will throw you out:-)) We tested it with Linux 2.4.10.
We hope that the bug will be fixed in the next release.
|[Prev in Thread]||Current Thread||[Next in Thread]|