Path: utzoo!utgpu!cs.utexas.edu!swrinde!elroy.jpl.nasa.gov!sdd.hp.com!news.cs.indiana.edu!ariel.unm.edu!triton.unm.edu!lael
From: lael@triton.unm.edu (Lael)
Newsgroups: alt.sources
Subject: Re: sux, an enhancer for su
Message-ID: <1991Apr26.061315.5551@ariel.unm.edu>
Date: 26 Apr 91 06:13:15 GMT
References: <462@frcs.UUCP> <1991Apr25.174534.13912@ux1.cso.uiuc.edu>
Organization: University of New Mexico, Albuquerque
Lines: 18

In article <1991Apr25.174534.13912@ux1.cso.uiuc.edu> peltz@cerl.uiuc.edu (Steve Peltz) writes:
>In article <462@frcs.UUCP> paul@frcs.UUCP (Paul Nash) writes:
>>I recently hacked up a fairly trivial enhancer for `su', that allows
>>members of group `wheel' to su at will _without_ needing the root
>>password.
>
>su on our system requires the real uid to be root to avoid being asked for
>a password, so your program won't work. However, in those cases where it
>WILL work, wouldn't the following one-line shell script do just as well?
>Maybe there's a reason; maybe the "groups" command is Sun specific or
>something...
>
>Don't forget to change it to be owned by root and setuid and executable...

(rest of post deleted)

If you do this, you are making a big mistake, and opening up a root-sized
security hole. Probably not a very good idea.

(never never never EVER EVER make a shell script setuid anyone, especially root)
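
An audit for the condition the reply above warns about, as an added example that is not part of the original post: it lists every setuid or setgid regular file under a directory whose first two bytes are "#!", meaning an interpreter script rather than a compiled binary. The function name find_setid_scripts and the output layout are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not code from the thread.
# find_setid_scripts DIR
#   Prints one line per setuid/setgid interpreter script found under DIR:
#     <mode> uid=<owner uid> <path> <interpreter line>
#   Limitation: paths containing newlines are not handled.
find_setid_scripts() {
    dir=${1:-.}
    # -xdev keeps the walk on one filesystem.
    # -perm -4000 matches the setuid bit, -perm -2000 the setgid bit.
    find "$dir" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        # Read only the first two bytes, so large binaries are never slurped.
        magic=$(dd if="$f" bs=2 count=1 2>/dev/null | tr -d '\000')
        if [ "$magic" = '#!' ]; then
            # First line names the interpreter that would run with the
            # file owner's privileges on systems that honor the bit.
            IFS= read -r interp < "$f" || :
            # Numeric listing: field 1 is the mode string, field 3 the owner uid.
            meta=$(ls -ldn "$f" | awk '{print $1 " uid=" $3}')
            printf '%s %s %s\n' "$meta" "$f" "$interp"
        fi
    done
}

# Typical use (left commented out so that sourcing this file scans nothing):
#   find_setid_scripts /usr/local
```

Any hit with uid=0 is the case the reply describes: a shell script that is setuid root.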