Problems with su/csh on Ultrix 4.0/DECstation 5000

Dan Barrett barrett at jhunix.HCF.JHU.EDU
Thu Nov 29 05:51:42 AEST 1990


In article <1990Nov27.141002.5396 at ssd.kodak.com> weimer at ssd.kodak.com (Gary Weimer) writes:
>For some reason, su needs to access every directory
>in your current path to be able to access the /etc/passwd file (added
>security?).

	I think there's a simpler explanation.  Imagine what would happen
if you were in a private directory:

		$ cd
		$ mkdir private
		$ chmod 700 private
		$ cd private

and then you tried to "su" to another user and succeeded:

		$ su anotheruser
		Password:
		%

Now "anotheruser" is inside your protected directory.  This contradicts
the mode (-rwx------) of the directory "private", and therefore it cannot
happen.

                                                        Dan

 //////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
| Dan Barrett, Department of Computer Science      Johns Hopkins University |
| INTERNET:   barrett at cs.jhu.edu           |                                |
| COMPUSERVE: >internet:barrett at cs.jhu.edu | UUCP:   barrett at jhunix.UUCP    |
 \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\/////////////////////////////////////



More information about the Comp.unix.internals mailing list