Subject: Re: su -d ?
To: David Laight <david@l8s.co.uk>
From: Greg A. Woods <woods@weird.com>
List: tech-userlevel
Date: 04/27/2003 16:14:51
[ On Sunday, April 27, 2003 at 20:08:18 (+0100), David Laight wrote: ]
> Subject: Re: su -d ?
>
> I was actually thinking of the case where you need to su to root,
> but are deep within a directory hierarchy and don't want to change
> the current directory.

Then don't use '-l'

> Using 'su root' is dangerous because it keeps all the baggage of the
> existing user - if ENV is set it will run that script as root (which
> is almost certainly not what you had in mind, never mind problems with
> some malicious user typing export ENV=xxx while you aren't looking).

Then use 'env -i su root'

(and don't _EVER_ allow anyone to type to your session if you are
privileged enough to 'su root' whether you're looking or not -- "export
ENV=xxx" is the very least of your worries!!!!)
--
Greg A. Woods
+1 416 218-0098; <g.a.woods@ieee.org>; <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>
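
Added example, not part of the original message or thread: a check of which shell-startup variables a child process inherits with and without 'env -i', to run before a non-login 'su root'. Assumptions: '/bin/sh -c' stands in for the shell that su would start (no su is invoked), BASH_ENV is added as a generalisation beyond the ENV case discussed above, and the function name is hypothetical.

```sh
#!/bin/sh
# Added illustration. /bin/sh -c stands in for the shell that a non-login
# `su root` would start, so nothing here needs or uses root.

# Script run inside the child: report every shell-startup variable it
# inherited and whether the file it names exists. ENV is the variable named
# in the thread; BASH_ENV is bash's counterpart for non-interactive shells
# (an addition here, not from the thread).
CHECK='
for v in ENV BASH_ENV; do
    eval "val=\${$v-}"
    [ -n "$val" ] || continue
    if [ -f "$val" ]; then state="file exists"; else state="no such file"; fi
    printf "%s=%s (%s)\n" "$v" "$val" "$state"
done
'

# inherited_startup_vars [wrapper ...]
#   no arguments  -> what a plain child sees (the `su root` case)
#   env -i        -> what a scrubbed child sees (the `env -i su root` case)
# Prints one line per inherited variable; empty output means none leaked.
inherited_startup_vars() {
    "$@" /bin/sh -c "$CHECK"
}

echo "plain child:"
inherited_startup_vars
echo "child started through env -i:"
inherited_startup_vars env -i
```

Empty output from the second call shows that 'env -i' removed the variables before the child started; any line from the first call names a file the new shell could source.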