View Issue Details

IDProjectCategoryView StatusLast Update
0006001Kali Linux[All Projects] General Bugpublic2020-01-16 10:03
Reporteranant_ Assigned Torhertzog  
PriorityhighSeverityminorReproducibilityalways
Status closedResolutionno change required 
Product Version2019.4 
Target VersionFixed in Version 
Summary0006001: a standard user can gain the root privileges
DescriptionTaking "abc" as standard user and "root" as the root user.
Using Terminal, The standard user "abc" can switch to "root" account without entering any password.
And he gets all the privileges as of the root user.
Steps To Reproduce>> su - abc

#It will switch to "abc" account

Then instead of entering the below command to switch to root user
>> su - root
...then entering password for this account
 
The standard user can just type >> exit
to switch to the root account.
Additional Informationcheck the attached files.

Activities

anant_

2020-01-16 09:42

reporter  

rhertzog

2020-01-16 10:03

administrator   ~0011929

This is not a bug. You are root at the start of the process since otherwise "su - abc" would also have asked for a password. "su - abc" starts a sub-shell and when you exit you come back to the former root shell...

Issue History

Date Modified Username Field Change
2020-01-16 09:42 anant_ New Issue
2020-01-16 09:42 anant_ File Added: Screenshot from 2020-01-16 15-04-07.png
2020-01-16 09:42 anant_ File Added: Screenshot from 2020-01-16 15-04-13.png
2020-01-16 10:03 rhertzog Assigned To => rhertzog
2020-01-16 10:03 rhertzog Status new => closed
2020-01-16 10:03 rhertzog Resolution open => no change required
2020-01-16 10:03 rhertzog Note Added: 0011929