Re: su does not recognized root password

bug-coreutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: su does not recognized root password

From:	James Youngman
Subject:	Re: su does not recognized root password
Date:	Mon, 31 Jan 2005 08:53:11 +0000
User-agent:	Mutt/1.3.28i

On Mon, Jan 31, 2005 at 05:34:24AM +0000, Philip Rowlands wrote:

> Listfolk; is there a reason why su doesn't check for "root"-iness before
> jumping into the password prompt or PAM routines? By comparing EUID vs
> UID or somesuch?

In the general case it might be hard to determine that.  For example,
setuid() can succeed if the caller has the CAP_SETUID capability
(either because the calling user has CAP_SETUID or because the "su"
binary somehow has the CAP_SETUID capability set).  They don't need to
be root.  Of course, if they're not root but do have CAP_SETUID, su
will still ask for a password (su asks for a password unless the real
user ID is 0 or the target user has no password).

I don't know, though, of any GNU systems that actually have a way of
associating a file capability set with a file.  

Regards,
James.

[Prev in Thread]

Current Thread

[Next in Thread]

su does not recognized root password, Tony Guo, 2005/01/30
- Re: su does not recognized root password, Bob Proulx, 2005/01/30
- Re: su does not recognized root password, Philip Rowlands, 2005/01/31
  - Re: su does not recognized root password, James Youngman <=

Prev by Date: Re: su does not recognized root password
Next by Date: Re: numeric sort over multiple fields: bug or feature ?
Previous by thread: Re: su does not recognized root password
Next by thread: numeric sort over multiple fields: bug or feature ?
Index(es):
- Date
- Thread