From nobody  Tue Apr 29 21:32:26 1997
Received: (from nobody@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id VAA03036;
          Tue, 29 Apr 1997 21:32:26 -0700 (PDT)
Message-Id: <199704300432.VAA03036@hub.freebsd.org>
Date: Tue, 29 Apr 1997 21:32:26 -0700 (PDT)
From: dpi@rapidnet.com
To: freebsd-gnats-submit@freebsd.org
Subject: SU acting strange on 2.2.1 Release
X-Send-Pr-Version: www-1.0

>Number:         3437
>Category:       bin
>Synopsis:       SU acting strange on 2.2.1 Release
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu May  1 00:53:36 PDT 1997
>Closed-Date:    Sat Jul 5 11:02:46 PDT 1997
>Last-Modified:  Sat Jul  5 11:02:59 PDT 1997
>Originator:     Doug Ingraham
>Release:        2.2.1
>Organization:
RapidNet LLC
>Environment:
FreeBSD news.rapidnet.com 2.2.1-RELEASE FreeBSD 2.2.1-RELEASE #0:
Tue Apr 29 21:10:45 MDT 1997     
dpi@news.rapidnet.com:/usr/src/sys/compile/LOCAL  i386
>Description:
I just updated one of my servers to 2.2.1 and I have only 2 users
configured because this is a news server.  But each of these users
is in group staff (20) and is in the wheel group in /etc/group.

The problem I am seeing is that when I log in as myself dpi I now have
the amazing ability to become super user by simply typing su.  The
system does not ask me for a password!

Is this behavior considered normal for 2.2.1, or is this something
that is hosed up on my particular system?

Another thing I encountered was that even if the user had a GID of 0
in the password file they could not become root.  They had to be in
the wheel group.

2.1.6 did not display this characteristic and I cannot see that
anything is misconfigured.

This problem seems like a terrible security hole.
>How-To-Repeat:

>Fix:

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: fenner 
State-Changed-When: Sat Jul 5 11:02:46 PDT 1997 
State-Changed-Why:  
Duplicate for bin/3424 
>Unformatted:
