Quantcast
Channel: Hacker News 50
Viewing all articles
Browse latest Browse all 9433

Aaron Toponce : The Meaning of ‘su’

$
0
0

Comments:"Aaron Toponce : The Meaning of ‘su’"

URL:http://pthree.org/2009/12/31/the-meaning-of-su/


When I taught for Guru Labs, part of the students training was covering different ways of becoming the root user, such as using “su”, “sudo” and taking advantage of the wheel group. Login shells versus non-login shells were also covered. The idea was to help the student understand the real nature of the shell and subshells, not to mention how to appropriately switch user accounts.

Inevitably, I would be asked what the meaning of “su” really stood for. This seems to be the Great Question in Unix (aside from the creat() command in C lacking an ‘e’). When I first started with Unix back in 1999, I was always under the impression that “su” meant “super user”, as the only time I ever used the command was to become root. My learning was on Solaris 7, and even my colleagues agreed that “su” meant “super user”.

After discovering Linux, and having it installed as a virtual machine on my own hardware (yes, VMWare existed back then), I started tinkering, and I found that you could use “su” to switch to more users than just root. This shook the very foundation that I had learned Unix on. So, what does “su” mean? After browsing the man page, and spending a great deal of time on mailing lists and web forums, I was convinced that “su” stood for “switch user” or “substitute user” rather than “super user”.

Further, upon learning “sudo”, it further cemented that ‘su’ meant “switch user”, as “sudo” meant “switch user and do”. After all, “sudo” could be used to switch to any user on the system, not just root. So, as far as I was concerned, “su” meant “switch user” and “sudo” meant “switch user do”. Case closed.

Or was it?

A year or two later, I took a Unix interprocess communication course at my local university. Solaris 8 had released, and we were doing our coursework and lab work on those machines. When covering fork() and exec(), my professor taught “su” from the standpoint of it creating a subshell, and showing the parent/child process relationships. This got my mind thinking. Does “su” come from the first two letters in “subshell”? After all, you can “su” to yourself, which means you’re not really switching user accounts, and you’re not becoming root. I had to know. After class, I asked my professor what “su” meant, and sure enough, he sad “su comes from the first two letters of ‘subshell’”.

There you have it. “su” means “subshell”. So, “sudo” must mean “subshell do” for the same reasons that you can “sudo” to yourself, just as you can with “su”. To me, this was the most complete definition of the term. It couldn’t get any more complete than that, and when teaching, I taught my students that very thing, usually stating that “su” could mean “super user”, “switch user” or “subshell”, with my preference and belief on the last definition.

This morning, I had another foundation shaking moment with the meaning of “su”. I found some old Unix source code, where su.c was available. Curious, I looked at the source. What did I find?

12345678910111213141516171819202122232425262728293031323334353637383940414243444546/* su -- become super-user */char    password[100];char    pwbuf[100];int ttybuf[3]; main(){     register char *p, *q;     extern fin;    if(getpw(0, pwbuf))         goto badpw;     (&fin)[1] = 0;     p = pwbuf;     while(*p != ':')         if(*p++ == '\0')             goto badpw;     if(*++p == ':')         goto ok;     gtty(0, ttybuf);     ttybuf[2] =& ~010;     stty(0, ttybuf);     printf("password: ");     q = password;     while((*q = getchar()) != '\n')         if(*q++ == '\0')             return;     *q = '\0';     ttybuf[2] =| 010;     stty(0, ttybuf);     printf("\n");     q = crypt(password);     while(*q++ == *p++);     if(*--q == '\0' && *--p == ':')         goto ok;     goto error;badpw:     printf("bad password file\n"); ok:     setuid(0);     execl("/bin/sh", "-", 0);     printf("cannot execute shell\n"); error:     printf("sorry\n");}

What is the first comment in that C file? “/* su — become super-user */”. “su” was written to only change to the root user on the system. It wasn’t designed to switch to any other user that has an account. “su” meant “super-user”. I need to sit down for a second.

The code above comes from the fifth edition of Unix by Dennis Ritchie and Ken Thompson. If you know your Unix history, it really wasn’t until the sixth edition that things really started taking off for the Unix world. So, it’s safe to say that most, if not all, of the code in the fifth edition and prior were written by Dennis and Ken themselves. Fifth edition Unix released in 1975, so it doesn’t get much more authoritative than that.

“su” can do so much more than Ken and Dennis implemented back then, as already discussed. Surely, the definition of “su” has changed, at least a little? I would hope so. The great thing with human language, is it is dynamic and flexible. We, as a society decide what meanings we put to our words, so as far as we are concerned, “su” could mean so much more than “super user”. We can define it to mean “switch user”, “substitute user” or “subshell”. Or, we can be stubborn, and hold to the old definition from 1975 that “su” means “super user”.

So, where does that put us today, 34 years later? Well, I wish I had an answer, but I don’t. However, knowing your Unix history (yes, there was Unix before Linux) shows maturity on your part. Knowing that initially “su” was used only for becoming the root user will show others that you are somewhat educated on the topic.

Really, though, the definition doesn’t matter all that much, does it? If it means “super user” or “subshell” or anything between, what matters is what you can do with it as a user or administrator. As for me, I like updating the definition to “subshell”, but at least I can discuss it at length with another because I know my history.


Viewing all articles
Browse latest Browse all 9433

Trending Articles