Su (Unix)
From Wikipedia, the free encyclopedia
- The correct title of this article is su (Unix). The initial letter is shown capitalized due to technical restrictions.
- This article is about the Unix command. For other uses, see Su.
The Unix su (substitute user) command is used to assume the login shell of another user without logging out. It is commonly used to change to root user permissions for administrative work without logging off and back on. Desktop environments such as KDE and GNOME have programs that pop up a password query box before allowing a user to run commands that would typically require such access.
su is commonly run from the command line terminal. When run, su asks for the target user's password, and, if accepted, grants the user access to that account.
johndoe@klinger:~$ su Password: root@klinger# exit exit johndoe@klinger:~$
A related command called sudo executes a command as another user but observes a set of constraints about which users can execute which commands as which other users (generally in a configuration file named /etc/sudoers). Unlike su, sudo authenticates users against their own password rather than that of the target user (to allow the delegation of specific commands to specific users on specific hosts without sharing passwords among them and while mitigating the risk of any unattended terminals).
Great care must be taken by a system administrator to choose a suitable password for the root account, to prevent any possible takeover by a low level user running su. Some Unix-like systems have a wheel group of users, and only allow these users to su to root. This may or may not mitigate these security concerns, since an intruder might first simply break into one of those accounts. GNU su, however, does not support a wheel group; this was done for philosophical reasons. [1]
Windows XP has a similar command called runas.
[edit] See also
- Superuser
- Sudo
- Unix security
- Wheel war
- List of Unix programs
- Secondary logon/runas in Microsoft Windows XP/2003
[edit] External links
| Unix command line programs (more) | |||
| File and file system management: | cat | cd | chmod | chown | chgrp | cp | du | df | file | fsck | ln | ls | lsof | mkdir | more | mount | mv | pwd | rm | rmdir | split | touch | tree | ||
| Process management: | anacron | at | chroot | crontab | kill | killall | nice | pgrep | pidof | pkill | ps | sleep | screen | time | timex | top | wait | ||
| User Management/Environment: | env | finger | id | locale | mesg | passwd | su | sudo | uname | uptime | w | wall | who | whoami | write | ||
| Text processing: | awk | cut | diff | ex | head | iconv | join | less | more | nkf | paste | sed | sort | tail | tr | uniq | wc | xargs | ||
| Shell programming: | echo | expr | printf | unset | Printing: | lp |
| Communications: inetd | netstat | ping | rlogin | traceroute |
Searching: find | grep | strings |
Miscellaneous: banner | bc | cal | man | size | yes |
|
 |
This Unix-related article is a stub. You can help Wikipedia by expanding it. |
