Red Hat Bugzilla – Bug 61925
PAM/SU behaviour is worrying with regards to root user
Last modified: 2005-10-31 17:00:50 EST
Comment out the entry for auth sufficient pam_rootok
(Not wanting root to be able to su - this makes sense with stuff like RSBAC)
[no password is requested]
I'd really expect this to fail the su
It could be possible that the check for root is in su itself and not in pam.
In fact, it is...
Fixed in -12
Reverted the fix because it introduces a much much worse problem (Bug #62432).
Setting to NEEDINFO for resolution of #62432
Fixed in -14