Path: utzoo!utgpu!watmath!clyde!att!rutgers!mailrus!cornell!uw-beaver!rice!sun-spots-request
From: alberta!ncc!lyndon@uunet.uu.net
Newsgroups: comp.sys.sun
Subject: Bug in su(1) under 3.5 (and others)
Message-ID: 
Date: 1 Dec 88 19:23:50 GMT
Sender: usenet@rice.edu
Organization: Rice University, Houston, Texas
Lines: 45
Approved: Sun-Spots@rice.edu
Original-Date: Tue, 15 Nov 88 14:30:21 MST
X-Sun-Spots-Digest: Volume 7, Issue 32, message 12 of 17

This is an extract of a bug report we submitted to Sun.  Their response?
"Fixed in 4.0"

--lyndon

System:		3/280S -- SunOS 3.5

Attempts to su(1) to a non-root user will fail if a parent of the current
working directory does not have read and execute permission for "others."

This behavior has been verified under 3.4 and 3.5 on different 3/280's,
and under 3.5 on a 3/160. Examination of BSD4.2 su(1) source shows this
bug does not exist there.

The following script shows some examples:

Script started on Wed Oct 19 12:02:08 1988
(12:02pm) ncc:/u0/staff/lyndon/src% ls -ldg .
drwxr-xr-x 30 lyndon   staff        1536 Oct 19 12:02 ./
(12:02pm) ncc:/u0/staff/lyndon/src% ls -ldg ..
drwxr-x--x 74 lyndon   staff        3072 Oct 19 11:09 ../
(12:02pm) ncc:/u0/staff/lyndon/src% su bin
Password:
(12:02pm) ncc:/u0/staff/lyndon/src% echo $status
1
(12:02pm) ncc:/u0/staff/lyndon/src% chmod o+r ..
(12:02pm) ncc:/u0/staff/lyndon/src% ls -ldg ..
drwxr-xr-x 74 lyndon   staff        3072 Oct 19 11:09 ../
(12:02pm) ncc:/u0/staff/lyndon/src% su bin
Password:
ncc% echo $status
0
ncc%
(12:02pm) ncc:/u0/staff/lyndon/src% chmod o-x ..
(12:02pm) ncc:/u0/staff/lyndon/src% su bin
Password:
(12:03pm) ncc:/u0/staff/lyndon/src% echo $status
1
(12:03pm) ncc:/u0/staff/lyndon/src% su
Password:
ncc# echo $status
0
ncc#
(12:03pm) ncc:/u0/staff/lyndon/src%
script done on Wed Oct 19 12:03:42 1988