Subject: Re: su -d ?
To: NetBSD Userlevel Technical Discussion List <firstname.lastname@example.org>
From: Greywolf <email@example.com>
Date: 04/27/2003 21:22:27
Thus spake Greg A. Woods ("GAW> ") sometime Today...
GAW> If anything there should be a proposal to simplify 'su' so that it does
GAW> by default what is safe, and perhaps doesn't even allow anything less
GAW> safe to be done at all. (and while we're at it '-f' is rather bogus
Oh, please, please! do not modify su from its current behaviour; -f is
sorta bogus, fine, get rid of it. But our 'su' is one that does things
right: It will set $HOME properly so that you get the .cshrc of the
person you are becoming, instead of using the $HOME of the person you
are su-ing _from_. This is crucial!
[The -f is, I believe, a hack from when the only shell anyone really
used (on BSD systems) was csh, and it attempted to pass the -f on as
a flag. That implementation was less than elegant.
The Other OS uses '-f' for 'full login', something BSD used a simple
'-' for. I'd hate to see 'su -' become dishonoured as well.
An exception to '-f' would be that if you type "su -f", it should
be honoured as "su root -f", seeing as su with no arguments implies
"su root". ]
GAW> Meanwhile your particular threat example is still the least of your
GAW> worries if you face this kind of risk....
I would agree with this.
NetBSD: The choice of hundreds worldwide.