[Pkg-shadow-devel] possible bug when su does not ask for password
Siim Põder
siim at p6drad-teel.net
Mon May 12 12:50:44 UTC 2008
Yo!
Relevant versions, etc:
bug first appeared in when upgrading linux kernel from 2.6.18 to
2.6.24.5. Also tested 2.6.23.16 (not present) and 2.6.25 (present).
Seemingly on i386 arch (does not seem to surface on x86_64). Appears
with both login version 1:4.1.1-1 and 1:4.0.18.1-7 (debian package
versions).
Description:
When su does not to require a password (by PAM conf), either by
auth sufficient pam_wheel.so trust
running as a user in group wheel or
auth sufficient pam_rootok.so
running as root (I cleared the rest of PAM rules for su to lessen the
chance it could be a PAM bug), when I press a key after su has opened a
root shell, a newline appears into the input from someplace, and I get
something like:
test:/etc/pam.d# su
test:/etc/pam.d# a
bash: a: command not found
test:/etc/pam.d#
note, that I do not press enter after the "a". The newline appears to
come from some unflushed buffer or similar. It does not appear to happen
with sudo and it does not happen when I strace or ltrace su (or at least
i'm not able to reproduce it). It is also less likely to happen with "su
-" than with plain "su". It does not happen when I do "sleep 1; su".
Appears on any kind of terminal (real console or pseudo-terminal). Maybe
something in kernel related to timing changed as it's appearance seems
to have to correlate to the time between pressing enter and su finishing?
If you think it's not shadow bug, could you point me to what bug you
think it may be?
Siim
More information about the Pkg-shadow-devel
mailing list