Xref: utzoo comp.unix.ultrix:5463 comp.unix.questions:27251 comp.unix.internals:1161
Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!uakari.primate.wisc.edu!aplcen!jhunix!barrett
From: barrett@jhunix.HCF.JHU.EDU (Dan Barrett)
Newsgroups: comp.unix.ultrix,comp.unix.questions,comp.unix.internals
Subject: Re: Problems with su/csh on Ultrix 4.0/DECstation 5000
Keywords: ultrix csh getwd cron shell
Message-ID: <7004@jhunix.HCF.JHU.EDU>
Date: 28 Nov 90 18:51:42 GMT
References: <1990Nov27.005226.18032@sarah.albany.edu> <1990Nov27.141002.5396@ssd.kodak.com>
Followup-To: comp.unix.ultrix
Distribution: na
Organization: The Johns Hopkins University - HCF
Lines: 30

In article <1990Nov27.141002.5396@ssd.kodak.com> weimer@ssd.kodak.com (Gary Weimer) writes:
>For some reason, su needs to access every directory
>in your current path to be able to access the /etc/passwd file (added
>security?).

	I think there's a simpler explanation.  Imagine what would happen
if you were in a private directory:

		$ cd
		$ mkdir private
		$ chmod 700 private
		$ cd private

and then you tried to "su" to another user and succeeded:

		$ su anotheruser
		Password:
		%

Now "anotheruser" is inside your protected directory.  This contradicts
the mode (-rwx------) of the directory "private", and therefore it cannot
happen.

                                                        Dan

 //////////////////////////////////////\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
| Dan Barrett, Department of Computer Science      Johns Hopkins University |
| INTERNET:   barrett@cs.jhu.edu           |                                |
| COMPUSERVE: >internet:barrett@cs.jhu.edu | UUCP:   barrett@jhunix.UUCP    |
 \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\/////////////////////////////////////