su Security
guy at gorodish.UUCP
guy at gorodish.UUCP
Fri Feb 6 17:30:41 AEST 1987
>A program to check a table of users to see if they are authorized to
>execute 'su' is of limited utility, if any. If a user has the root
>password and they are excluded from running 'su', there is nothing to
>prevent them from just running 'login' and logging in as the superuser.
Actually, there is something to prevent them from doing that; give
them a ".login" or ".profile" that blows a raspberry and exits. Of
course, if you have an "su" that supports an option that says "run
the new shell as a login shell", this won't work.
>If you are going to modify 'su', you might as well modify 'login' as
>well, perhaps to ask a second password or to check from which terminal
>the login is being attempted (except that I believe System V already
>does this through the use of /etc/securetty?).
4.2BSD does, 4.3BSD uses "/etc/ttys" instead, System V doesn't. S5's
"login", at least in S5R3, is built with an option that only allows
root logins on "/dev/console". 4.3BSD's "login" also will call
"syslog" to log a message indicating that somebody has logged in as
the super-user.
More information about the Comp.unix.wizards
mailing list