From owner-freebsd-current@FreeBSD.ORG Mon May 19 12:51:40 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CDE6F37B401 for ; Mon, 19 May 2003 12:51:40 -0700 (PDT) Received: from ns1.gnf.org (ns1.gnf.org [63.196.132.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id F20A543FBF for ; Mon, 19 May 2003 12:51:39 -0700 (PDT) (envelope-from gtetlow@gnf.org) Received: from EXCHCLUSTER01.lj.gnf.org (exch01.lj.gnf.org [172.25.10.19]) by ns1.gnf.org (8.12.8p1/8.12.8) with ESMTP id h4JJpctF027218 for ; Mon, 19 May 2003 12:51:38 -0700 (PDT) (envelope-from gtetlow@gnf.org) Received: from roark.gnf.org ([172.25.24.15]) by EXCHCLUSTER01.lj.gnf.org with Microsoft SMTPSVC(5.0.2195.5329); Mon, 19 May 2003 12:51:39 -0700 Received: from roark.gnf.org (localhost [127.0.0.1]) by roark.gnf.org (8.12.9/8.12.9) with ESMTP id h4JJpdjX048360; Mon, 19 May 2003 12:51:39 -0700 (PDT) (envelope-from gtetlow@gnf.org) Received: (from gtetlow@localhost) by roark.gnf.org (8.12.9/8.12.9/Submit) id h4JJpaNN048359; Mon, 19 May 2003 12:51:36 -0700 (PDT) (envelope-from gtetlow) Date: Mon, 19 May 2003 12:51:36 -0700 From: Gordon Tetlow To: Frank Bonnet Message-ID: <20030519195136.GE1950@roark.gnf.org> References: <20030519110242.A21561@bart.esiee.fr> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="OWym5pP/pDvoNOpg" Content-Disposition: inline In-Reply-To: <20030519110242.A21561@bart.esiee.fr> User-Agent: Mutt/1.4i X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . X-OriginalArrivalTime: 19 May 2003 19:51:39.0803 (UTC) FILETIME=[1060DEB0:01C31E40] cc: freebsd-current@freebsd.org Subject: Re: "su" bug X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 May 2003 19:51:41 -0000 --OWym5pP/pDvoNOpg Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, May 19, 2003 at 11:02:42AM +0200, Frank Bonnet wrote: >=20 > Hi >=20 > I notice at 5.1-BETA-20030507-JPSNAP=20 > I am able to "su -" anyone ( even root ) > without typing any passwd from a normal > user account. It sounds like you have a pam_permit somewhere you shouldn't. > The machine use nss_ldap if it makes a difference. I've got nss_ldap and I don't have this problem. -gordon --OWym5pP/pDvoNOpg Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+yTXIRu2t9DV9ZfsRAli7AJ4tGdPFJ55adSowZ14ufJwyfbDMlQCgp9JN h5QvZ0PGkyzaulvazOpCINc= =96Km -----END PGP SIGNATURE----- --OWym5pP/pDvoNOpg--