[NTLUG:Discuss] Re: SuSE 9 or 9.1 PATH environment changes after su -- still no standard

Bryan J. Smith b.j.smith at ieee.org
Mon Sep 13 14:26:51 CDT 2004 

On Mon, 2004-09-13 at 14:46, Chris Cox wrote:
> Same argument could be made for favoring K&R C over ANSI C.

As always.  In fact, I'm only showing my stubbornness against change in
this matter.

> sudo can get around it.... arguably opening up similar loopholes.
> Depends on how your sudoers file ends up.

That was exactly my point in another post.

> Example was for anyone that was curious.

Oh, it was an excellent one in that regard.

> Yes... always the case.  The security vs. capability problem.  No
> good answer... one shoe can't fit all.  Security almost always
> impedes.

Yeah.  Given the popularity of 

> su results in a safety PATH.
> su - results in the login PATH that root has setup for it.

Fedora Core 2 seems to be the opposite now.  To me, the Fedora way makes
more sense, because "old UNIX wennies" like myself assume "su" leaves
the user path (only now pre-empted by any root path), and "su -" gives
you a pure root login path.

> Often times an "su" is used to execute a command (like in my
> example).  Perhaps a future enhancement to su would make
> command-less "su" default to "su -".  Not sure of the
> implications of that though.

We're now past implications.  I'd like to see some "standards" in the
default behavior of su v. su - with the new "security."

> I prefer the wheel-like solutions in general.  Disallowing users
> from using su at all.  But that's if you are REALLY security conscious.

Actually, that's what I do.  It's better for system accounting, even
with sudo.

So this doesn't address that problem, unless su _also_ looks for wheel
users?  I feel a headache coming on.

But in the case of "new" (I will no longer use the word "ignorant" --
that's an elitist attitude I'll admit) users to Linux, I now agree the
change is probably for the best.

> I guess the idea is that "su -" is just as 'safe' as a real root
> login.  Something best left restricted to the primary (hopefully physically
> secured) console anyhow.

Again, Red Hat and SuSE seem to differ on this -- so which is
"correct"?  LSB doesn't say either way.

> Don't get me wrong,  Certainly my workstation allows me to root-in any
> number of ways.  So my workstation doesn't matter so much... but with
> machines that matter much, I'd go with something far more secure.

Exactomundo.

-- Bryan

P.S.  I typically use full pathnames for critical utilities in my
scripts.

-- 
Bryan J. Smith                                  b.j.smith at ieee.org 
------------------------------------------------------------------ 
"Communities don't have rights. Only individuals in the community
 have rights. ... That idea of community rights is firmly rooted
 in the 'Communist Manifesto.'" -- Michael Badnarik

More information about the Discuss mailing list