gnome-terminal bug effecting user su
Submitted by gwa..@..ec.com
Description
Package: Gnome-Terminal Version: 1.0.39 Distro: RH-6.1
Problem: Unable to su from user accounts
Desc:
I'd been trying to secure who gets to su to root, limiting it to members of the group "wheel", by editing /etc/pam.d/su following the steps listed in "Securing and Optimizing Red Hat Linux" by Gerhard Mourani (highly recommended) http://securityfocus.com
The edits where as follows:
step 1:
As root I edited the /etc/pam.d/su file and add the following two lines to the top of the file:
auth sufficient /lib/security/pam_rootok.so debug auth required /lib/security/pam_wheel.so group=wheel
step 2:
Then I ran the following command: usermod -G10 username
I then logged out, logged in as a regular user. I logged in at run level 3. At that level I could su to root. I then started Xwindows running a gnome managed session. I started a gnome-terminal and tried to su to root. I was unable to do so. I kept getting the response "incorrect password".
I tried then tried to su using an Xterm, Kterm and an Eterm. With all these terminals I was able to successfully su to root.
For what it's worth, Aterm has the same problem as gnome-terminal.
Given that the changes I made to /etc/pam.d/su are pretty standard security steps, I imagine you already know about this problem. My apologies if this is the case and has already been fixed. I di d, however, look through the bug report database first and I didn't find anything like this, soooooo.... here's the report. If it's been fixed, please let me know.
Thanks so much for all your hard work. Gnome is definitely my environment of choice, and I am very appreciative of the the enormous amount of time, energy and creativity that has gone into a project of this quality and scope that gives all the results away --for free.
greg :: gwalsh@artec.com
------- Bug moved to this database by debbugs-export@bugzilla.gnome.org 2001-01-27 15:17 ------- This bug was previously known as bug 9807 at http://bugs.gnome.org/ http://bugs.gnome.org/show_bug.cgi?id=9807 Originally filed under the gnome-core product and gnome-terminal component.
Unknown version 1.0.x in product gnome-core. Setting version to the default, "unspecified". The original reporter (gwalsh@artec.com) of this bug does not have an account here. Reassigning to the exporter, debbugs-export@bugzilla.gnome.org. Reassigning to the default owner of the component, gnome-core-maint@bugzilla.gnome.org.
Version: 1.0.5x
Resolution: RESOLVED INCOMPLETE