Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!news.mel.connect.com.au!munnari.OZ.AU!news.hawaii.edu!ames!agate!howland.reston.ans.net!newsfeed.internetmci.com!in1.uu.net!csn!nntp-xfer-2.csn.net!symbios.com!southwind.net!complete.org!not-for-mail From: jgoerzen@complete.org (John Goerzen) Newsgroups: comp.unix.bsd.freebsd.misc,comp.unix.admin Subject: Re: Password security Followup-To: comp.unix.bsd.freebsd.misc,comp.unix.admin Date: 1 Feb 1996 18:59:29 -0600 Organization: Communications Centre (+1 316 367 8490) Lines: 22 Message-ID: <4ernlh$24q@complete.org> References: <4e69sl$6ci@complete.org> <3107AD8B.7FDE@visi.com> NNTP-Posting-Host: complete.org X-Newsreader: TIN [version 1.2 PL2] Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:13481 comp.unix.admin:38107 Bigfoot (Guy Gustavson) (bigfoot@visi.com) wrote: : John Goerzen wrote: : > Secondly, using Kerberos. I have detected what appears to be a flaw with : > the su program, although it could just be configuration error on my part. : > When somebody issues a su command to su to root, su will prompt them for a : > password. They can enter anything they want the first time. It will prompt : > for password again, and this time, if they enter root's login password, they : > will be su'd to root. : This is what it's supposed to do. Or are you saying that it prompted you more than : once for the password on the same 'SU'? Yes, that is correct. Enter "su" at the command prompt. The program will prompt once for a password. Enter anything. The same program will prompt for a password again. Then all it needs is root's login password. : "It's not my god damned planet, understand monkey boy! - B. Bonzai" -- John Goerzen, programmer and owner | Use #12 for your Win95 CD: a good | Communications Centre, Goessel, KS | excuse for getting that 16MB SIMM | Main e-mail: jgoerzen@complete.org | #13: A good bookmark for large books|