0006001: a standard user can gain the root privileges

ID	Project	Category	View Status	Date Submitted	Last Update

0006001	Kali Linux	General Bug	public	2020-01-16 09:42	2020-01-16 10:03

Reporter	anant_	Assigned To	rhertzog
Priority	high	Severity	minor	Reproducibility	always
Status	closed	Resolution	no change required
Product Version	2019.4

Summary	0006001: a standard user can gain the root privileges
Description	Taking "abc" as standard user and "root" as the root user. Using Terminal, The standard user "abc" can switch to "root" account without entering any password. And he gets all the privileges as of the root user.
Steps To Reproduce	su - abc #It will switch to "abc" account Then instead of entering the below command to switch to root user su - root ...then entering password for this account The standard user can just type >> exit to switch to the root account.
Additional Information	check the attached files.
Attached Files	Screenshot from 2020-01-16 15-04-07.png (150,746 bytes) Screenshot from 2020-01-16 15-04-07.png (150,746 bytes) Screenshot from 2020-01-16 15-04-13.png (178,181 bytes) Screenshot from 2020-01-16 15-04-13.png (178,181 bytes)

Date Modified	Username	Field	Change
2020-01-16 09:42	anant_	New Issue
2020-01-16 09:42	anant_	File Added: Screenshot from 2020-01-16 15-04-07.png
2020-01-16 09:42	anant_	File Added: Screenshot from 2020-01-16 15-04-13.png
2020-01-16 10:03	rhertzog	Assigned To	=> rhertzog
2020-01-16 10:03	rhertzog	Status	new => closed
2020-01-16 10:03	rhertzog	Resolution	open => no change required
2020-01-16 10:03	rhertzog	Note Added: 0011929

rhertzog 2020-01-16 10:03 administrator ~0011929	This is not a bug. You are root at the start of the process since otherwise "su - abc" would also have asked for a password. "su - abc" starts a sub-shell and when you exit you come back to the former root shell...