Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
su: incorrect password
#1

hi!

 

For some day ago i wrote chmod 777 * in my /bin folder (dont ask me why:P ), but now I cant switch users.

I just get the error message "su: incorrect password" all the time.

 

Anyone know how to fix this? :)

 

[klumpen@klumpen klumpen]$ su -

Password:

su: incorrect password

 

I can log into root tru one TTY.

Reply
#2

The problem is that "su" has to be suid in order to read from the shadow file of your system to verify the password you have given. By issuing "chmod 777 *" you deleted the suid bit (777 = 0777). You have to reset this bit by executing "chmod 4755 /bin/su". That should fix the problem. Anyways, "777" is never a very good idea...

 

z0ny

Reply
#3
ah, I see. Thankss :)
Reply
#4

interesting,

 

does the same principle apply to apache directories and files

 

i chmod 755 the dirs

 

and 644 the files

 

?

Reply
#5

What exactly do you mean?

 

z0ny

Reply
#6

i mean whats this about exactly and do i need to apply a similar principle to my apache permissions

 

Quote:The problem is that "su" has to be suid in order to read from the shadow file of your system to verify the password you have given. By issuing "chmod 777 *" you deleted the suid bit (777 = 0777). You have to reset this bit by executing "chmod 4755 /bin/su". That should fix the problem. Anyways, "777" is never a very good idea... 

z0ny
 

cheers

 

anyweb

 

oh and welcome back mate

Reply
#7

Well 'su' for example is a program that requires root privileges in order to verify the passwords. Normal users aren't allowed to view the (hashed) passwords of other users but those users are allowed to gain (root) access via 'su'. When they execute 'su' it runs under user permissions so it wouldn't have access to the passwords. And here comes the suid bit (4): it grants that binary (and only that file) access to things you normally can access as root only.

 

Apache doesn't need that. It would even be a security flaw to set the suid bit on apache binaries as exploits may elevate the privileges to root.

 

z0ny

Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)