Path: utzoo!utgpu!watmath!clyde!att!rutgers!mailrus!cornell!uw-beaver!rice!sun-spots-request From: alberta!ncc!lyndon@uunet.uu.net Newsgroups: comp.sys.sun Subject: Bug in su(1) under 3.5 (and others) Message-ID:Date: 1 Dec 88 19:23:50 GMT Sender: usenet@rice.edu Organization: Rice University, Houston, Texas Lines: 45 Approved: Sun-Spots@rice.edu Original-Date: Tue, 15 Nov 88 14:30:21 MST X-Sun-Spots-Digest: Volume 7, Issue 32, message 12 of 17 This is an extract of a bug report we submitted to Sun. Their response? "Fixed in 4.0" --lyndon System: 3/280S -- SunOS 3.5 Attempts to su(1) to a non-root user will fail if a parent of the current working directory does not have read and execute permission for "others." This behavior has been verified under 3.4 and 3.5 on different 3/280's, and under 3.5 on a 3/160. Examination of BSD4.2 su(1) source shows this bug does not exist there. The following script shows some examples: Script started on Wed Oct 19 12:02:08 1988 (12:02pm) ncc:/u0/staff/lyndon/src% ls -ldg . drwxr-xr-x 30 lyndon staff 1536 Oct 19 12:02 ./ (12:02pm) ncc:/u0/staff/lyndon/src% ls -ldg .. drwxr-x--x 74 lyndon staff 3072 Oct 19 11:09 ../ (12:02pm) ncc:/u0/staff/lyndon/src% su bin Password: (12:02pm) ncc:/u0/staff/lyndon/src% echo $status 1 (12:02pm) ncc:/u0/staff/lyndon/src% chmod o+r .. (12:02pm) ncc:/u0/staff/lyndon/src% ls -ldg .. drwxr-xr-x 74 lyndon staff 3072 Oct 19 11:09 ../ (12:02pm) ncc:/u0/staff/lyndon/src% su bin Password: ncc% echo $status 0 ncc% (12:02pm) ncc:/u0/staff/lyndon/src% chmod o-x .. (12:02pm) ncc:/u0/staff/lyndon/src% su bin Password: (12:03pm) ncc:/u0/staff/lyndon/src% echo $status 1 (12:03pm) ncc:/u0/staff/lyndon/src% su Password: ncc# echo $status 0 ncc# (12:03pm) ncc:/u0/staff/lyndon/src% script done on Wed Oct 19 12:03:42 1988