7517 – Use of su from a remote login is a possible security risk

Bug 7517 - Use of su from a remote login is a possible security risk

Summary: Use of su from a remote login is a possible security risk

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	sh-utils
Sub Component:
Version:	6.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	bero
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	1999-12-02 18:05 UTC by Ted Knupke
Modified:	2008-05-01 15:37 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2000-02-03 18:40:28 UTC
Embargoed:

Attachments	(Terms of Use)

Description Ted Knupke 1999-12-02 18:05:59 UTC

It is possible for a remote user to log into root via su even when
/etc/security/access.conf is set up to deny access to root from remote
locations.  (I am not sure whether this is a problem with su or with pam.)

Comment 1 Elliot Lee 2000-02-03 18:40:59 UTC

This is the normal, expected behaviour. If you wish to deny root shells at all
from remote hosts, you can change your PAM configuration to use the
pam_securetty module for the 'su' service.

Note You need to log in before you can comment on or make changes to this bug.