Hi there,
It seems that su accepts valid password (unix) more than 8 characters. But it just reads first 8 chars and authenticates if the user name and first 8 chars of the password is a valid user account. My colleguge has detected it.
Bug Input:
1. Valid unix usr account:
login: <root>
pwd: <password>
2. Bug simulation:
enter cmd su:
Enter login: <root>
Enter pwd: <passwordbuggysu>
util. su will authenticate you successfully. It is a bug, isn't it? But try to logon to a unix/linux terminal, it will throw you out:-)) We tested it with Linux 2.4.10.
We hope that the bug will be fixed in the next release.
Regards,
Unix users
