Subject: Re: can't su
To: michael smith <miff@spam.frisbee.net.au>
From: Manuel BOUYER <bouyer@antioche.ibp.fr>
List: port-sparc
Date: 01/09/1997 15:25:11
On Jan 9, michael smith wrote
> It has also been suggested that your 'su' is not setuid root, however
> 'su' doesn't log the "BAD SU" message unless it is setuid root.
>
It does(just tried it), because getpwent (or the similar used function, I
didn't look at the sources) can't get the crypted passwd string from
/etc/spwd.db, so it gets an '*' instead, from /etc/pwd.db. And the passwd
you enters, after crypt(), never match '*'. So you get the 'BAD SU' message,
just as if you entered the wrong passwd.
--
Manuel Bouyer, MASI, Universite Paris VI.
email: bouyer@masi.ibp.fr
--