> How difficult would it be, for the sake of compatibility if nothing > else, to teach su not to create a new PAM session when it doesn't > already run within one?
You don't want to do that in general since that defeats the primary purpose of su: creating a new session as a different user. It's sort of an interesting question as to whether you want to set up a new session when running a single command. I'm a little surprised that su does this as opposed to only calling setcred. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
