[Pkg-shadow-devel] Bug#611584: Bug#611584: /bin/su: not quite aggressive enough about cleaning the environment

Zack Weinberg zackw at panix.com
Tue Feb 1 18:16:22 UTC 2011


On Mon, Jan 31, 2011 at 10:16 PM, Mike Frysinger <vapier at gentoo.org> wrote:
> suing to root and claiming security issues makes no sense.  think
> about it for all of three seconds.

I have.  If you do "su -" instead of "su" you expect that to isolate
you from (for instance) hostile clients on the same X session.  I
realize there are ways a determined attacker can get past anything su
can do (by attacking the unprivileged terminal you're typing at, for
instance), but that's not an excuse for su not even *trying*.

> as for the env vars you quoted, try reading the man page yet again:
>    If --login is used, the $TERM, $COLORTERM, $DISPLAY, and
> $XAUTHORITY environment variables are copied if they were set.

That it is documented does not make it not a bug.

zw





More information about the Pkg-shadow-devel mailing list