https://bugzilla.novell.com/show_bug.cgi?id=331043

           Summary: Su allows echo from stdin when no other distro I can find does.
           Product: openSUSE 10.3
           Version: Final
          Platform: Other
        OS/Version: openSUSE 10.3
            Status: NEW
          Severity: Critical
          Priority: P5 - None
         Component: Basesystem
        AssignedTo: bnc-team-screening@forge.provo.novell.com
        ReportedBy: fm0nk3y@yahoo.co.uk
         QAContact: qa@suse.de
          Found By: ---

As the title says, I think this is a major security flaw. After checking with another distro I find that this command won't work there, but it does on SUSE 10.3.

    echo "passwd" | su -c ifconfig

Now on the surface this doesn't seem that bad, but when it turns into something like this

    for i in `egrep '^.{5,5}$' /var/lib/dict/words`; { echo $i | sed 's/o/0/g' | su -c ifconfig;}

I hope you can see my concerns, so my question is: is this a design detail or a slip? Having had some feedback, I also find this is applicable to 10.1. I also suspect 10.2 and a few other versions.

If this is a design detail, may I ask the reason, as I for one can't see a reasoning to allow su to take the passwd from stdin.
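
The report turns on su accepting its password from a pipe. As an added example (not part of the report and not su's code), this is one way a password prompt can refuse input that does not come from a terminal; the function name read_secret_tty_only is hypothetical.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>
#include <termios.h>
#include <unistd.h>

/* Hypothetical helper (not su's code): read one line of secret input from fd,
 * but only when fd is an interactive terminal.
 * Returns the secret length, or -1 with errno set (ENOTTY for a pipe or file). */
long read_secret_tty_only(int fd, char *buf, size_t cap)
{
    struct termios saved, quiet;
    size_t n = 0;
    ssize_t r;
    char c;
    int saved_errno;

    if (buf == NULL || cap < 2) { errno = EINVAL; return -1; }
    /* A pipe such as `echo ... | prog` is rejected here, before any read. */
    if (!isatty(fd)) { errno = ENOTTY; return -1; }
    if (tcgetattr(fd, &saved) != 0) return -1;

    quiet = saved;
    quiet.c_lflag &= ~(tcflag_t)ECHO;   /* do not echo the secret */
    quiet.c_lflag |= ICANON;            /* line-at-a-time input */
    /* TCSAFLUSH also discards anything typed before the prompt. */
    if (tcsetattr(fd, TCSAFLUSH, &quiet) != 0) return -1;

    while ((r = read(fd, &c, 1)) == 1 && c != '\n')
        if (n + 1 < cap) buf[n++] = c;  /* truncate overlong input */
    buf[n] = '\0';
    saved_errno = errno;
    tcsetattr(fd, TCSAFLUSH, &saved);   /* always restore the terminal */
    if (r < 0) { memset(buf, 0, cap); errno = saved_errno; return -1; }
    return (long)n;
}

int main(void)
{
    char pw[128];
    if (read_secret_tty_only(STDIN_FILENO, pw, sizeof pw) < 0) {
        const char msg[] = "refusing: stdin is not a terminal\n";
        (void)write(STDERR_FILENO, msg, sizeof msg - 1);
        return 1;
    }
    memset(pw, 0, sizeof pw);           /* wipe the secret after use */
    return 0;
}
```

Run with input piped in, the program exits with status 1 and leaves the piped bytes unread.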