Bug 65678
Summary: | Danger: the 'su' command does not ask for root password | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | ThuBi <thubi> |
Component: | sh-utils | Assignee: | wdovlrrw <brosenkr> |
Status: | CLOSED NOTABUG | QA Contact: | Ben Levenson <benl> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 7.3 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2002-05-29 22:34:15 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
ThuBi
2002-05-29 22:34:09 UTC
This certainly doesn't happen on any systems here. There are two things that might cause this: - Your root password is blank - Someone cracked your machine and replaced su with something else. You can verify the former by just typing passwd as root and resetting the password to something sane. You can verify the latter by typing "rpm -V sh-utils" There are 2 more possibilities, even: - Your /etc/pam.de/su contains something along the lines of auth sufficient /lib/security/pam_permit.so - Your normal user is user ID 0, su doesn't prompt user ID 0 for passwords when su'ing to a different account. |