>Number:         14141
>Category:       pkg
>Synopsis:       new pkgsrc/sysutils/su2
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    pkg-manager
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Tue Oct 02 22:18:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     
>Release:        NetBSD 1.5.2
>Organization:
  __
 (oO)  Why vote for the lesser of two evils?  Cthulhu for president.
 /||\
>Environment:
	
System: NetBSD glen 1.5.2 NetBSD 1.5.2 (GLEN) #0: Tue Sep 25 06:41:40 PDT 2001 root@glen:/usr/src/sys/arch/i386/compile/GLEN i386


>Description:
   su2 is a great program for anyone that has anything to do with
   system adiministration.  su2 gives you the ability to masquerade with
   the UID of other users.  You use own password to switch.  Probably the
   biggest benefit of su2 is that you retain your own customized shell
   environment.

   For the most part, this program is used by system administrators to
   become root, but su2 has been written to enable much more flexibility
   than this.  Regular users can put a .su2rc file in their home
   directory to enable other users to become them.  While this may sound
   odd, it is sometimes useful to allow a number of users to masquerade
   around with the uid of restricted accounts.  One such example of this
   is a 'www' account which is a common occurance with the proliferation
   of the web.  While the www user's password may be starred out to
   disable direct logins, root could put a set of usernames into
   ~www/.su2rc to enable these users to 'become' www and do Web
   adiministration.  [This feature can be disabled if you are worried
   about 'account sharing.']

>How-To-Repeat:
>Fix:
   http://amaterasu.math.orst.edu:8080/~sharpej/su2.tgz
>Release-Note:
>Audit-Trail:
>Unformatted: