Re: "su -" and "su" - what is the real difference?

To: debian-security@lists.debian.org
Subject: Re: "su -" and "su" - what is the real difference?
From: Florent Rougon <f.rougon@free.fr>
Date: Fri, 11 Aug 2006 16:29:15 +0200
Message-id: <[🔎] 873bc34a84.fsf@florent.maison>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 8764h0iy39.fsf@informatik.uni-tuebingen.de> (Goswin von Brederlow's message of "Thu, 10 Aug 2006 14:17:46 +0200")
References: <200607281558.04659.leva@az.isten.hu> <ceb0ad00607280704q1c822fack6818c32eb39020df@mail.gmail.com> <873bcl93xu.fsf@florent.maison> <[🔎] 877j1gby2q.fsf@florent.maison> <[🔎] 8764h0iy39.fsf@informatik.uni-tuebingen.de>

Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de> wrote:

>>     if (isatty (0) && (cp = ttyname (0))) {
>
> For this to succeed the stdin must be a terminal. But nothing stops
> you from using a pseudo terminal (pty).

You're right, that works. Thanks.

My conclusion is that whether using "su" or "su -" from a non-privileged
user account doesn't really matter from a security POV, because you're
stuffed as soon as an attacker having access to this account makes you
run his own su wrapper (which is quite doable) to record the root
password.

-- 
Florent

Reply to:

References:
- Re: "su -" and "su" - what is the real difference?
  - From: Florent Rougon <f.rougon@free.fr>
- Re: "su -" and "su" - what is the real difference?
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

Prev by Date: Re: chkrootkit sniffers
Next by Date: Re: [SECURITY] [DSA 1134-1] New Mozilla Thunderbird packages fix several vulnerabilities
Previous by thread: Re: "su -" and "su" - what is the real difference?
Next by thread: Re: [SECURITY] [DSA 1134-1] New Mozilla Thunderbird packages fix several vulnerabilities
Index(es):
- Date
- Thread