gnu-misc-discuss
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GNU su and the wheel group

From: telford
Subject: Re: GNU su and the wheel group
Date: Tue, 05 Oct 2004 21:47:29 -0000 
Klaus von der Heyde <uzs95e@uni-bonn.de> wrote:
> Martin Guy wrote:

>> In general, su-ing from an insecure account to a secure one is a no-no
>> since the insecure account can have its own program called "su" in
>> $HOME/bin which turns character echo off, prints "Password: ",

> A good reason not to put $HOME/bin anywhere except the last position
> in $PATH... or not have it in $PATH at all.

> Using su from an user account is often used on systems being
> adminstrated over an ssh connection, when root login via ssh is
> disabled.

The root case is already covered: you have to be in the wheel group
It's a matter of whether non-root users should legitimately be using
su to get to other non-root users. 

> The security-aware sysadmin may call /bin/su (or whereever
> the original su is) explicitly.

A security aware admin who doesn't trust the account they are
currently using has no idea whether calling /bin/su can be trusted
either seeing as they don't know what sort of shell they are
working inside. Once you are in an insecure environment there is
NO safe way out, none whatsoever.

So many people forget this and poorly evaluate the level of
trust that they are currently working at, I don't believe that
using su to get from one user account to another should be
encouraged. It represents one more leaky hole in the security
bucket.

        - Tel
reply via email to
[Prev in Thread] Current Thread [Next in Thread]