[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "su -" and "su" - what is the real difference?


Good Question.
I had never thought THAT deeply about it, and always just thought about it in terms of which scripts would set which environmental variables and paths. su keeping your current environment, but changing you effective UID, while su - would give you root's Path and environment.
So, I would be interested in hearing what the additional security implications would be. 

David.

--
David Ehle
Computing Systems Manager
CAPP CSRRI
rm 077
LS Bld. IIT Main Campus
Chicago IL 60616
ehle@iit.edu
312-567-3751

He who fights with monsters must take care lest he thereby become a
monster. And if you gaze for long into an abyss, the abyss gazes also into
you.

On Fri, 28 Jul 2006, LeVA wrote:


Hi!

Here comes a lame question yes I know, but I need to hear the
experiences and opinions about this.
I've read thru a number of documents which described the differences
between the real and effective user ids and I am now just wondering
about this:

What is the difference (I mean in the "real world") between running `su`
(getting a non-login shell) and `su -` (getting a login shell). Is
there a security related problem with any of the invokings above? AFAIK
the real and effective uids are always set to 0 after both commands.

Thanks!

Daniel

--
LeVA


--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: