[NTLUG:Discuss] Re: SuSE 9 or 9.1 PATH environment changes after su -- is it only for root?
Bryan J. Smith
b.j.smith at ieee.org
Mon Sep 13 13:10:01 CDT 2004
On Mon, 2004-09-13 at 12:10, Chris Cox wrote:
> Su (on SUSE) reads in /etc/login.defs where you can set the root
> PATH.
Right. But according to Steve's tests, there is _no_way_ to preserve
the user's path for an existing "su".
Remember that "-" is more than just PATH, it dictates a full login
shell. This has me curious on what _should_ happen. I guess I should
look to the latest LSB 2.0 to see if they have addressed this or not.
> While certainly true of old Unix... this is not true of new Unix.
> The standard, for security reasons (hopefully obvious), is for an
> su to root to NOT inherit the user's PATH.
So it is a security default for people who are ignorant of how to use
"su". I gotcha. That actually makes sense.
> SUSE and Solaris (and probably any SVR4) provide mechanisms by which root's
> path can be set when somebody does an "su".
I was just on Solaris 9 Friday, so did they change it in Solaris 10?
> it's easy to say that we should stick with the insecure solution
> (ala Red Hat and old Unix), but it is in fact bad practice.
For people that are ignorant of what "-" does, yes. I do now see it
that way. But it kinda irks me that because people don't learn how to
use commands proper, there are now _new_ issues with compatibility.
So my question is, how do I get the _default_ behavior back? According
to Steve's tests, the paths _always_ change. How do I preserve the
paths?
Furthermore, is it _always_ launching a new shell? Or just modifying
the paths? And is this _only_ for root?
> For example: ...
Oh, the second you said it was a security issue, I understood 100% of
what you mean. I actually understand your point completely.
My complaint is that it is a security issue because people are ignorant
of the parameters involved. Which breaks compatibility for those of us
who "know what we are doing."
From Steve's post, it does _not_ look like it's consistent either.
su results in a basic root PATH
su - results in a root _plus_ user (which? default?) PATH
There can still be security issues with "-" setup. If they wanted
"true" security, then I now argue they should default su - to be
_exactly_ what su is -- and _not_ introduce user paths at all!
Just my observations.
--
Bryan J. Smith b.j.smith at ieee.org
------------------------------------------------------------------
"Communities don't have rights. Only individuals in the community
have rights. ... That idea of community rights is firmly rooted
in the 'Communist Manifesto.'" -- Michael Badnarik
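
The concern raised in this thread, a root shell whose PATH inherits or merges user entries after "su" or "su -", can be checked directly. The following is an added example, not part of the original post: a hypothetical `audit_path` shell function (name and optional trusted-uid argument are assumptions, default uid 0) that flags PATH entries meaning the current directory, relative entries, and directories that are group- or world-writable or not owned by the trusted uid.

```bash
#!/usr/bin/env bash
# Added example (not from the original thread): audit a PATH string for
# entries that are risky in a root shell reached through su or "su -".
# Assumed usage, as root after switching user:  audit_path "$PATH"
# audit_path and its optional second argument are hypothetical names.

audit_path() {
    local rest dir findings trusted_uid
    rest="$1:"               # sentinel ":" so a trailing empty entry is seen
    trusted_uid="${2:-0}"    # uid expected to own every PATH directory
    findings=0
    while [ -n "$rest" ]; do
        dir=${rest%%:*}      # next entry, up to the first ":"
        rest=${rest#*:}      # drop that entry and its separator
        case $dir in
            ''|.)
                echo "CWD: '${dir}' (empty or '.' resolves to the current directory)"
                findings=$((findings + 1)); continue ;;
            /*) ;;           # absolute entry: inspect the directory below
            *)
                echo "RELATIVE: $dir"
                findings=$((findings + 1)); continue ;;
        esac
        [ -d "$dir" ] || continue   # nonexistent entries are not inspected
        # -H makes find follow a symlinked entry (e.g. /bin -> usr/bin).
        if [ -n "$(find -H "$dir" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
            echo "WRITABLE: $dir (group- or world-writable)"
            findings=$((findings + 1))
        fi
        if [ -n "$(find -H "$dir" -prune ! -user "$trusted_uid" -print)" ]; then
            echo "OWNER: $dir (not owned by uid $trusted_uid)"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]    # exit status 0 only when nothing was flagged
}
```

Running it in both an "su" and an "su -" session shows which of the two leaves user-controlled entries in root's PATH on a given system.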