[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNU su and the wheel group

From: Klaus von der Heyde
Subject: Re: GNU su and the wheel group
Date: Tue, 05 Oct 2004 17:49:12 +0200
User-agent: KNode/0.6.1

Martin Guy wrote:

> In general, su-ing from an insecure account to a secure one is a no-no
> since the insecure account can have its own program called "su" in
> $HOME/bin which turns character echo off, prints "Password: ",

A good reason not to put $HOME/bin anywhere except the last position
in $PATH... or not have it in $PATH at all.

Using su from an user account is often used on systems being
adminstrated over an ssh connection, when root login via ssh is
disabled. The security-aware sysadmin may call /bin/su (or whereever
the original su is) explicitly.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]