bug-coreutils
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: su Password Buffer

From: Bob Proulx
Subject: Re: su Password Buffer
Date: Sat, 24 May 2003 17:14:16 -0600
User-agent: Mutt/1.3.28i 
Zach J. Elko wrote:
> Hello. I have noticed that su has a 511 byte buffer for the password,
> and anything past that 511 byte buffer gets passed onto the shell for
> execution.

Thanks for the report.  But I don't think this is something that can
or should be fixed in su.  It is not really even something specific to
this program.  I think the problem is in your libc getpass(3) library
routine.

> Granted, it executes that command as the user who ran su, I think it
> would be better to just display an error message and then take the
> excess bytes and throw them into /dev/null.

The problem is how do you know when to stop reading?

> Any feedback or explanation would be appreciated. Thanks.

Here is what I believe you are seeing.  The program is reading but
only up to the buffer size which is probably the value of 511 that you
have deduced.  It stops reading there.  Any extra characters are still
in the standard input stream and as yet unread.  The program exits.
The shell prints a prompt and then repeats the cycle of reading
standard input in order to execute commands.  The shell reads the
characters still in the input stream and executes them.

I believe su is using the getpass(3) library routine.  Therefore its
behavior is dependent upon the behavior of the system library.  On
different systems, such as hpux which does force a read up to a
newline, you will probably different behavior.

Note that I tried your test case and I was not able to recreate the
problem.  This is one reason I think it is pointing to your getpass(3)
library routine in libc.

I used a lot of vague phrasing here because this is mostly all from
faded memory.  I did not have time to check into the details and
double check the facts.  So I probably missed something important.

Also, you should double check that the 'su' you are using is actually
the su from GNU coreutils.  Many systems use a system specific 'su'
not related to the coreutils.  You did not say which version of things
you were using.  What is the output of these commands?

  uname -a
  su --version
  ll -d /lib/libc.so.6

Obviously the last command won't be useful everywhere but does give
the needed information on the majority of systems today.

Bob
reply via email to
[Prev in Thread] Current Thread [Next in Thread]