From owner-freebsd-security@FreeBSD.ORG Sat Dec 18 02:11:33 2004
Message-ID: <41C391BE.3030604@earthlink.net>
Date: Fri, 17 Dec 2004 20:11:10 -0600
From: Elvedin Trnjanin
To: bv@wjv.com
cc: freebsd-security@freebsd.org
References: <20041217120138.7A89116A4D2@hub.freebsd.org> <20041217145315.GB68582@wjv.com>
In-Reply-To: <20041217145315.GB68582@wjv.com>
Subject: Re: Strange command histories in hacked shell history
List-Id: Security issues [members-only posting]

Bill Vermillion wrote:

>Can anyone explain why su does not use the UID from the login
>instead of the EUID? It strikes me as a security hole, but I'm no
>security expert so explanations either way would be welcomed.
>
>Bill

Because su does exactly what it says.
From the manual -

DESCRIPTION
*su* requests the password for /login/ and switches to that user and group ID after obtaining proper authentication.

Just for fun, here's a little snippet from the sudo manual -

DESCRIPTION
*sudo* allows a permitted user to execute a /command/ as the superuser or another user, as specified in the /sudoers/ file. The real and effective uid and gid are set to match those of the target user as specified in the passwd file and the group vector is initialized based on blah blah blah...

-- --- ----
http://www.ods.org
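
The manual excerpts quoted in the message above describe switching the user ID, group ID and group vector to those of the target user. The C program below is an added example, not part of the original message and not code from su or sudo: it shows the usual order of that switch (group vector, then gid, then uid) and checks that both the real and the effective ids ended up at the target. The names `ids_match` and `switch_identity` are hypothetical, and `main` targets the caller's own account so it runs without root.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1  /* glibc: expose initgroups() */
#endif
#include <sys/types.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <unistd.h>

/* 1 if real AND effective uid/gid all equal the target, else 0. */
int ids_match(uid_t uid, gid_t gid)
{
    return getuid() == uid && geteuid() == uid &&
           getgid() == gid && getegid() == gid;
}

/* Hypothetical helper: become (name, uid, gid). When called as root,
 * setuid() also replaces the saved id, so the change is permanent.
 * Returns 0 on success, -1 if any step fails or cannot be verified. */
int switch_identity(const char *name, uid_t uid, gid_t gid)
{
    /* Group vector first, and only root can replace it. */
    if (geteuid() == 0 && initgroups(name, gid) != 0)
        return -1;
    /* gid before uid: after the uid changes we may no longer set the gid. */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;
    /* Do not rely on return codes alone; check the resulting ids. */
    return ids_match(uid, gid) ? 0 : -1;
}

int main(void)
{
    struct passwd *pw = getpwuid(getuid());  /* target: our own account */
    if (pw == NULL)
        return 1;
    printf("before: ruid=%ld euid=%ld\n", (long)getuid(), (long)geteuid());
    if (switch_identity(pw->pw_name, pw->pw_uid, pw->pw_gid) != 0) {
        perror("switch_identity");
        return 1;
    }
    printf("after:  ruid=%ld euid=%ld\n", (long)getuid(), (long)geteuid());
    return 0;
}
```

Run unprivileged, a request for any uid other than the caller's own fails at `setuid()` and the function returns -1.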