Re: su - user question

To: debian-security@lists.debian.org
Subject: Re: su - user question
From: Adam Warner <lists@consulting.net.nz>
Date: 22 Jan 2002 11:07:29 +1300
Message-id: <[🔎] 1011650849.1821.2.camel@web>
In-reply-to: <[🔎] 20020121134139.D18464@rfa.org>
References: <[🔎] 1011477853.11070.0.camel@web> <[🔎] 20020121134139.D18464@rfa.org>

On Tue, 2002-01-22 at 07:41, Federico Grau wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Sun, Jan 20, 2002 at 11:04:13AM +1300, Adam Warner wrote:
> > Hi everyone,
> > 
> ...
> > The question I have is if I "su - username" and then browse the web,
> > etc. is it impossible for a remote user who managed to gain access to
> > that user session to become root by exiting out of the user account?
> > 
> Is there a reason to leave the parent shell around?  How about, instead of "su
> - - username" "exec su - username".  If you are simply running a console as root
> that should remove any way of getting back to root from username.  If you are
> running X as root, then you have bigger problems.

Federico, are you saying that if you su - to a user account (from root)
and then start X that you are running X as root? If so that is a major
problem.

Regards,
Adam

Reply to:

Follow-Ups:
- Re: su - user question
  - From: martin f krafft <madduck@madduck.net>

References:
- su - user question
  - From: Adam Warner <lists@consulting.net.nz>
- Re: su - user question
  - From: Federico Grau <grauf@rfa.org>

Prev by Date: Re: su - user question
Next by Date: Re: Mail server anti-virus software?
Previous by thread: Re: su - user question
Next by thread: Re: su - user question
Index(es):
- Date
- Thread