Thanks for quick replies from:
Sreenivasa Prasad _at_digital.com
Dr. Thomas P. Blinn _at_compaq.com
Ann Majeske _at_compaq.com
Larry Clegg _at_inituit.com
Ann and Larry both suggested a Tru64 patch(V51 patch kit3) installation. It has already cured my problem.
Dr. Blinn gave me some more detailed background info, which is absolutely correct I think. But Tru64 "su" is just been designed and built in a more convenient (probably less secure) way. His reply is enclosed below for your info.
Cheers,
Alan Voker
=====================================================================
>From Dr. Blinn
You seem to be assuming that logging in as root and doing an "su" to be
root are supposed to be completely equivalent from a security point of
view. In fact, the system knows you are not logged in as root, and it
is looking at your login ID, not your currect effective UID, to decide
whether to prompt you for a password. It would probably be possible to
change this behavior if you had all the sources for the "su" utility and
were willing to make source changes that might have side effects that
you don't understand. It's not a "feature" you can disable in any easy
way short of changing the source and rebuilding (and it may not even be
in the "su" utility itself, it may be in a library, and changing any of
the security libraries is VERY risky).
Tom
============
original question
============
>
> Dear managers,
>
> When I login as root on console, then su to other users, there is no
> password prompt. But when I login as non-root and su to root(which is
> the more secure way for remote root login), then if I try to su to other
> users, I get the password prompt ! This may be good but sometimes it's
> just too annoying especial when I want to test something new before
> publishing to all users. How can I disable the feature?
>
> I'm using Tru64 5.1 rev 732
>
Received on Wed Aug 22 2001 - 01:50:07 NZST