[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Why is su preserving the environment?

## Josselin Mouette (joss@debian.org):

> I think Steve has a point, and as he explains, this is not a big
> security issue; however it is breaking the expectations you have when
> logging as another user. For example, it is not expected that starting
> an application as the other user will re-use the running one, and it is
> not expected that accessing the GNOME keyring will show the passwords of
> the original user.

That behaviour is well decumented in the manpage (at least on my
Debian systems)... "The current environment is passed to the new shell."
Assumptions is the mother of all screwups, especially when using
mighty tools without reading the docs :)


Spare Space

Reply to: