Hey, I noticed something unusual when su'ing to root. I'm
pretty sure this isn't normal because login doesn't have the
same behavior when comparing passwords. But enough with that -
Demonstration:
- login as normal user
- su to root (or any other use)
- type in your password when prompted.
So far, so good. Now, CTRL-D or otherwise logout.
- su in again.
- enter your password, followed by any number of extra
characters (I used !!!!!), hit enter.
Viola, there's your new shell. Somebody please tell
me this isn't a big deal and that it will be fixed soon. :)
I know it's christmas so I'll wait a week until somebody
has a chance to look at this, but let me know as soon
as possible what's going on here b/c I'd like to post it
to bugtraq (preferably with news of a fix, if it is
indeed a bug) eventually.
--
Signal 11, BOFH to the UF list and malign.net
Ummm..Didn't you say you turned it off?
