[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #16579] select_shell() uses incorrect syntax for su
|
From: |
Andreas Metzler |
|
Subject: |
[bug #16579] select_shell() uses incorrect syntax for su |
|
Date: |
Sat, 13 May 2006 14:24:47 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20060503 Debian/1.7.8-1sarge6 |
URL:
<http://savannah.gnu.org/bugs/?func=detailitem&item_id=16579>
Summary: select_shell() uses incorrect syntax for su
Project: findutils
Submitted by: ametzler
Submitted on: Samstag 13.05.2006 um 14:24
Category: updatedb
Severity: 3 - Normal
Item Group: None
Status: None
Privacy: Public
Assigned to: None
Originator Name: Chronos Tachyon
Originator Email:
Open/Closed: Open
Release: 4.2.27
Fixed Release: None
_______________________________________________________
Details:
Chronos Tachyon writes in http://bugs.debian.org/366269
The select_shell() function in /usr/bin/updatedb has a bug in the way it
calls /bin/su; specifically, it attempts 'su "$LOCALUSER" -s $SHELL false',
which runs '/bin/bash false', thus attempting to execute /bin/false as a
shellscript. (The exit code 126 and error message 'cannot execute binary
file' are ignored entirely by updatedb.)
The correct usage of su would be to add "-c" after "-s $SHELL" on lines 87
and 91. This is important if, for instance, the administrator has set
$LOCALUSER's shell to /bin/false (which is how I discovered this bug).
----------------------------
Older versions of su as found on Debian (e.g. in sarge) accepted this syntax,
but this is consideerd a bug.
cu andreas
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?func=detailitem&item_id=16579>
_______________________________________________
Nachricht geschickt von/durch Savannah
http://savannah.gnu.org/
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [bug #16579] select_shell() uses incorrect syntax for su,
Andreas Metzler <=