Subject: Re: su -d ?
To: David Laight <firstname.lastname@example.org>
From: Greg A. Woods <email@example.com>
Date: 04/27/2003 16:14:51
[ On Sunday, April 27, 2003 at 20:08:18 (+0100), David Laight wrote: ]
> Subject: Re: su -d ?
> I was actually thinking of the case where you need to su to root,
> but are deep within a directory hierachy and don't want to change
> the current directory.
Then don't use '-l'
> Using 'su root' is dangerous because it keeps all the baggage of the
> existing user - if ENV is set it will run that script as root (which
> is almost certainly not what you had in mind, never mind problems with
> some malicious user typing export ENV=xxx while you aren't looking).
Then use 'env -i su root'
(and don't _EVER_ allow anyone to type to your session if you are
privileged enough to 'su root' whether you're looking or not -- "export
ENV=xxx" is the very least of your worries!!!!)
Greg A. Woods
+1 416 218-0098; <firstname.lastname@example.org>; <email@example.com>
Planix, Inc. <firstname.lastname@example.org>; VE3TCP; Secrets of the Weird <email@example.com>