hi!

For some day ago i wrote chmod 777 * in my /bin folder (dont ask me why:P ), but now I cant switch users.
I just get the error message "su: incorrect password" all the time.

Anyone know how to fix this?

[klumpen@klumpen klumpen]$ su -
Password:
su: incorrect password

I can log into root tru one TTY.

The problem is that "su" has to be suid in order to read from the shadow file of your system to verify the password you have given. By issuing "chmod 777 *" you deleted the suid bit (777 = 0777). You have to reset this bit by executing "chmod 4755 /bin/su". That should fix the problem. Anyways, "777" is never a very good idea...

z0ny

ah, I see. Thankss

interesting,

does the same principle apply to apache directories and files

i chmod 755 the dirs

and 644 the files

?

What exactly do you mean?

z0ny

i mean whats this about exactly and do i need to apply a similar principle to my apache permissions



cheers

anyweb

oh and welcome back mate

Well 'su' for example is a program that requires root privileges in order to verify the passwords. Normal users aren't allowed to view the (hashed) passwords of other users but those users are allowed to gain (root) access via 'su'. When they execute 'su' it runs under user permissions so it wouldn't have access to the passwords. And here comes the suid bit (4): it grants that binary (and only that file) access to things you normally can access as root only.

Apache doesn't need that. It would even be a security flaw to set the suid bit on apache binaries as exploits may elevate the privileges to root.

z0ny