Good morning,
just yesterday I stumbled across a little problem in su when I
recursively fucked up the ownership of "/" on a colocated box..
Thereafter I could ssh into that box as an unprivileged user, but was
unable to use sudo, because SETUID root was missing on it as sudo kindly
told me.
Aaand I was unable to su to root, due to an "invalid password", which
was strange..
I thougt I knew the password and tried several permutations of it, but
none worked, so I got my root's password reset by a local operator.
Guess what: The box didn't want to "su" me to root with the new password
either, but I could ssh into the box with root@HOST and the new password..
After some research I found out that "su" needs to be SUID to root as
well, but it obviously does not check on this file property.
I therefore advise calling stat() before checking on the user's password
and eventually throwing an error message.. ;)
Yours,
Michael
PS: If my English sounds/reads somewhat broken... I'm no native speaker
and tired as hell after a night of trying to fix that box...
- bug#10010: "su" *should* check on SUID bit Michael Lenz
-
