su issues (was "")

[david nicol]

We've been linked to a groups solution and a ACL solution (sudo provides
the /etc/sudoers access list but a sudoers group would work too)

How about patching su to crash and burn when the offered username is
"" or "root"? That'll take about this much coding

	if (!username) exit;
	if (*username == 'r' && username[1] == 'o' &&
	    username[2] == 'o' && username [3] == 't') exit

but you'd have to open up your su source and find where to paste it in. 

On Thu, 2003-01-02 at 11:52, Patrick Crain wrote:
> a little off topic but has any one seen an SU that wont take or even allow 
> you to type the password when you attempt to log in as root from a user 
> account? Strange, but i cant seem to find any bug reports on this or i am 
> not looking in the right place.thanks in advance  -Dutch

-- 
David Nicol, independent consultant and contractor            312 587 2868
                                                    "Grey is the new gray"