Re: [cobalt-security] Root

[Frank Smith <fsmith@xxxxxxxxxxx>]

On the RAQ2 at least it seems you can only su to root if you are
logged in as admin.  Are you always trying to su from the same
user?
  If you don't have . in your path you are much less likely to
execute an unexpected program.

Frank


Frank

--On 07/14/00 08:46:44 -0600 David Love <dlove@xxxxxxxxxxxxxxxxxxxxx> wrote:

> > How is it that once in a while, i lost root access (when i su to root, it
> > gives wrong password).  But, when I reboot the server, and su again it
> > works.  Then, after a while (a couple of days) it gives the same problem
> > again.  Was our server hacked, was it a bug?
>
>
> First thing that comes to mind:  When you su, do you specify the full
> path (/bin/su) or just the command?  If the latter, it's possible you're
> picking up some other su command (e.g., a shell-script some user created
> that tries to capture an unsuspecting admin's password). Always specify
> the full path for su .
>
> I can't think of any other reason, other than bad typing, that su would
> randomly fail.
>
>   - Dave
>
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security



Frank Smith                                          fsmith@xxxxxxxxxxx
Systems Administrator                               Voice: 512-374-4673
Hoover's Online                                       Fax: 512-374-4501