SU vulnerability

Sergey mafia_rgd at
Fri Dec 9 06:59:30 UTC 2005

A long time ago I decided to protect my system by allowing *ONLY* users in the
wheel group to su to root. This protects the system: regardless of whether you
know the root password or not, you can not su as long as the system
administrator does not put you into the wheel group.

As far as I know, this is the default behaviour of FreeBSD.

In Red Hat you do it by uncommenting a line in /etc/pam.d/su:

# Uncomment the following line to require a user to be in the "wheel" group.
auth       required     /lib/security/$ISA/ use_uid

This protects both su and kdesu.

What do you think? This is useless - it does not protect the system at all, as 
I've thought for a long time.

The system-config-users utility - a little program to manage users - has
*NOTHING*, not even a little mention anywhere, that it breaks the security.

Anyone who knows the root password logs in as a regular user, by ssh. Using X
forwarding, he executes system-config-users, enters the root password and does
ANYTHING he wants to the system. In particular, he adds himself to the wheel
group and su's to root, while the system administrator sleeps well knowing
that he can not su because he's not in the wheel group.
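
Added example, not part of the original post: a short Python audit of the gap the message describes, where the wheel check sits only in su's PAM auth stack and other services that accept the root password never run it. The file contents in PAM_D are constructed samples, the service layout (including the config-util include) is an assumption, and the caller supplies the list of services that prompt for the root password.

```python
import os
import re

# Constructed sample /etc/pam.d contents (assumed layout, not from a real host).
PAM_D = {
    "su": "auth sufficient pam_rootok.so\n"
          "auth required /lib/security/$ISA/pam_wheel.so use_uid\n"
          "auth include system-auth\n",
    "su-unedited": "auth sufficient pam_rootok.so\n"
          "#auth required /lib/security/$ISA/pam_wheel.so use_uid\n"
          "auth include system-auth\n",
    "system-config-users": "auth include config-util\n",
    "config-util": "auth sufficient pam_rootok.so\nauth include system-auth\n",
    "system-auth": "auth sufficient pam_unix.so nullok\nauth required pam_deny.so\n",
}

RULE = re.compile(r"^-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)")

def auth_stack(service, pam_d, seen=frozenset()):
    """Return [(control, module)] for the auth stack, following includes."""
    if service in seen or service not in pam_d:
        return []  # include loop or missing file: nothing to add
    stack = []
    for line in pam_d[service].splitlines():
        m = RULE.match(line.split("#", 1)[0].strip())  # drop comments
        if not m or m.group(1) != "auth":
            continue
        control, module = m.group(2), os.path.basename(m.group(3))
        if control in ("include", "substack"):
            stack += auth_stack(module, pam_d, seen | {service})
        else:
            stack.append((control, module))
    return stack

def enforces_wheel(service, pam_d):
    """True only if pam_wheel.so is a mandatory (required/requisite) auth step."""
    return any(mod == "pam_wheel.so" and ctl in ("required", "requisite")
               for ctl, mod in auth_stack(service, pam_d))

def services_without_wheel(root_services, pam_d):
    """Services that accept the root password with no wheel-group check."""
    return [s for s in root_services if not enforces_wheel(s, pam_d)]
```

On a real host, load each file under /etc/pam.d into the dictionary and pass every service that authenticates as root; anything returned needs the same wheel restriction as su or should be removed.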

