I’m on a RHEL server where the
su
command drops the user into root without prompting for a password. Obviously, this is a pretty big cause for concern which I’d like to fix. I’m not in contact with the previous admin, and he didn’t leave any notes on what he did to make this happen.The user account in question is a member of the sudoers group, and I noticed that the config contains the line
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
, but I’m not sure if this is related.How should I troubleshoot this issue?
Answer
Check if user root has password set. Try login as a root without pass or check /etc/shadow file.
Attribution
Source : Link , Question Author : devnill , Answer Author : jamzed