Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!cbatt!ihnp4!chinet!nucsrl!gore
From: gore@nucsrl.UUCP
Newsgroups: comp.sources.d
Subject: Re: Another kind of su program (source)
Message-ID: <3470002@nucsrl.UUCP>
Date: Fri, 6-Feb-87 11:15:44 EST
Article-I.D.: nucsrl.3470002
Posted: Fri Feb 6 11:15:44 1987
Date-Received: Sun, 8-Feb-87 05:47:31 EST
References: <608@vu-vlsi.UUCP>
Organization: Northwestern Univ., Evanston IL
Lines: 29

> Yes a password-free su (PWFSU) is dangerous.
> So is typing the root password all the time.
> I feel that the security trade-off is a wash,
> and PWFSUs win because they are more convenient.

Here we use a program, called 'su2', which consults /usr/lib/super-users to see if the invoking account is authorized to use it. Then it asks for the password *to the invoking account*. Thus, authorized users can leave their terminals unattended if nobody knows their password. (If somebody does know that password, that somebody doesn't need an unattended terminal.)

On the other hand, if an authorized user always uses 'su2' on a terminal in a secure place (like a private office), a "+" can be put in front of that user's login name in /usr/lib/super-users, and that user won't be asked for a password.

This, I feel, is the best possible solution. With 'su2', we don't have to give out the root password, and change it every time we want to remove a person from the ranks of the privileged. At the same time, the eligible superusers don't have to be paranoid when they are operating in their own, unprivileged accounts.

That program also has other neat features. Unfortunately, while there are no copyright notices in it, I do know that it was written by an HP employee, and I don't feel free to post it.

Jacob Gore
Northwestern University, Computer Science Research Lab
{ihnp4,chinet}!nucsrl!gore
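
The authorization decision described in the post above, as an added example that is not part of the original post and is not the 'su2' source. The file layout (one login name per line), the rule that a plain entry overrides a "+" entry for the same name, and the names su2_decide and SAMPLE_LIST are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

enum su2_decision { SU2_DENY, SU2_ASK_OWN_PASSWORD, SU2_NO_PASSWORD };

/* Decide from the text of the super-users list. Assumed format: one login
 * name per line, an optional leading '+' meaning "do not ask for a password".
 * Names are compared whole, so "bo" never matches an entry "bob", and an
 * account that is not listed is denied (fail closed). */
enum su2_decision su2_decide(const char *list, const char *login)
{
    enum su2_decision result = SU2_DENY;
    size_t want = strlen(login);
    const char *p = list;

    while (want > 0 && *p) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        int trusted = (len > 0 && p[0] == '+');
        const char *name = p + trusted;
        size_t nlen = len - (size_t)trusted;

        while (nlen > 0 && strchr(" \t\r", name[nlen - 1]))
            nlen--;                       /* ignore trailing blanks */
        if (nlen == want && memcmp(name, login, want) == 0) {
            if (!trusted)
                return SU2_ASK_OWN_PASSWORD;  /* strictest entry wins */
            result = SU2_NO_PASSWORD;
        }
        p = eol ? eol + 1 : p + len;
    }
    return result;
}

/* Constructed sample list, not taken from the post. */
static const char SAMPLE_LIST[] = "alice\n+bob\n\ncarol \n";

int main(void)
{
    static const char *who[] = { "alice", "bob", "carol", "bo", "+bob", "mallory" };
    static const char *what[] = { "deny", "ask for own password", "no password" };
    size_t i;
    for (i = 0; i < sizeof who / sizeof who[0]; i++)
        printf("%-8s -> %s\n", who[i], what[su2_decide(SAMPLE_LIST, who[i])]);
    return 0;
}
```

The password prompt and the switch to root are left out; only the list lookup that gates them is shown.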