Re: [cobalt-security] Root

["Dylan" <dylan@xxxxxxxxxxxxxx>]

If its a raq 2 the /var/ partition could be full. Not being able to su to
root is a symptom of this.

-Dylan

----- Original Message -----
From: Frank Smith <fsmith@xxxxxxxxxxx>
To: <cobalt-security@xxxxxxxxxxxxxxx>
Sent: Saturday, July 15, 2000 12:54 AM
Subject: Re: [cobalt-security] Root


> On the RAQ2 at least it seems you can only su to root if you are
> logged in as admin.  Are you always trying to su from the same
> user?
>    If you don't have . in your path you are much less likely to
> execute an unexpected program.
>
> Frank
>
>
> Frank
>
> --On 07/14/00 08:46:44 -0600 David Love <dlove@xxxxxxxxxxxxxxxxxxxxx>
wrote:
>
> >> How is it that once in a while, i lost root access (when i su to root,
it
> >> gives wrong password).  But, when I reboot the server, and su again it
> >> works.  Then, after a while (a couple of days) it gives the same
problem
> >> again.  Was our server hacked, was it a bug?
> >
> >
> > First thing that comes to mind:  When you su, do you specify the full
> > path (/bin/su) or just the command?  If the latter, it's possible you're
> > picking up some other su command (e.g., a shell-script some user created
> > that tries to capture an unsuspecting admin's password). Always specify
> > the full path for su .
> >
> > I can't think of any other reason, other than bad typing, that su would
> > randomly fail.
> >
> >   - Dave
> >
> >
> > _______________________________________________
> > cobalt-security mailing list
> > cobalt-security@xxxxxxxxxxxxxxx
> > http://list.cobalt.com/mailman/listinfo/cobalt-security
>
>
>
> Frank Smith                                          fsmith@xxxxxxxxxxx
> Systems Administrator                               Voice: 512-374-4673
> Hoover's Online                                       Fax: 512-374-4501
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>