Bug 1274 - 'su' reads pwd from stdin
Summary: 'su' reads pwd from stdin
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: sh-utils
Version: 5.2
Hardware: i386
OS: Linux
high
medium
Target Milestone: ---
Assignee: Cristian Gafton
Reported: 1999-02-22 08:10 UTC by borgia
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 1999-03-31 20:51:21 UTC
Embargoed:



Description borgia 1999-02-22 08:10:01 UTC
The fact that 'su' reads the password from stdin allows any
user to fake a login prompt and collect other users'
passwords. I've not been able to get a shell out of this
bug, but execution of commands as another user is indeed
possible.
Solution: compile 'su' so that it does not read the password
from stdin (as other dists do)

Comment 1 Jay Turner 1999-03-26 20:09:59 UTC
Erik, please verify if this is incorrect, and please close it if so.

Comment 2 Jay Turner 1999-03-26 20:36:59 UTC
Christian, look at this and verify that it is incorrect; if so, then
please close it.

Comment 3 Erik Troan 1999-03-31 20:51:59 UTC
fixed in sh-utils-1.16-18
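
The behaviour the report asks for, as an added example that is not part of the original report and is not the sh-utils code: a password prompt that talks only to the controlling terminal and fails when there is none, instead of falling back to stdin. The helper names and the use of `/dev/tty` are assumptions of this example; the page does not say how sh-utils-1.16-18 implemented the fix.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <termios.h>
#include <unistd.h>

/* 1 if fd is a terminal; 0 for a pipe, regular file, socket or /dev/null. */
int fd_is_terminal(int fd) { return isatty(fd) ? 1 : 0; }

/* Hypothetical helper (name and signature are this example's): prompt on and
 * read from the terminal at tty_path, normally "/dev/tty", and never stdin.
 * Returns the password length, or -1 if that path is not a usable terminal. */
long read_password_from_tty(const char *tty_path, const char *prompt,
                            char *buf, size_t len)
{
    struct termios saved, noecho;
    ssize_t r;
    long n = -1;
    int fd;

    if (len < 2 || (fd = open(tty_path, O_RDWR | O_NOCTTY)) < 0)
        return -1;
    if (!fd_is_terminal(fd) || tcgetattr(fd, &saved) != 0 ||
        write(fd, prompt, strlen(prompt)) < 0) {
        close(fd);
        return -1;
    }
    noecho = saved;
    noecho.c_lflag &= ~(tcflag_t)ECHO;            /* do not echo the password */
    /* TCSAFLUSH drops input queued before the prompt was shown. */
    if (tcsetattr(fd, TCSAFLUSH, &noecho) == 0) {
        r = read(fd, buf, len - 1);
        tcsetattr(fd, TCSAFLUSH, &saved);         /* always restore echo */
        if (r > 0 && write(fd, "\n", 1) == 1) {
            buf[r] = '\0';
            buf[strcspn(buf, "\r\n")] = '\0';     /* strip the line ending */
            n = (long)strlen(buf);
        }
    }
    close(fd);
    return n;
}

int main(void)
{
    char pw[128];
    if (read_password_from_tty("/dev/tty", "Password: ", pw, sizeof pw) < 0) {
        fprintf(stderr, "no controlling terminal; not reading a password from stdin\n");
        return 1;
    }
    memset(pw, 0, sizeof pw);  /* constructed demo: discard the password */
    return 0;
}
```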

