
The Meaning of 'su' - myko
http://pthree.org/2009/12/31/the-meaning-of-su/
======
nu2ycombinator
Copy pasting the best comment from the article. It basically covers the crux.

======================================================== "jonkx using on | May
31, 2010 at 10:22 am | Permalink

I worked with the Unix OS from the early 1980′s (at first we ran early
versions on a DEC PDP-11) until 1992. Starting in 1992, I did contract work on
proprietary versions based on SVR4.

It was just easier to say the initials “S U” or “super-user” than to say
“switch user” or “substitute user”. To insist on correctness, whether
authoritarian, historical or otherwise seems petty.

Depending on the options used, su can be used to switch user, substitute user
or become “super user”. Success depends on knowledge of the appropriate
password. “sudo” on the other hand may allow one to become any other user
(depending on the configuration of sudo and being a “sodoer”) knowing only the
login password.

On the systems I have used, a sudoer can become root (“super user”) using this
shell command at a terminal:

sudo su – root

and responding to the prompt with the login password used to sign in the
current user.

I think it is important to point out that you cannot become “super user” or
root from a shell with the su command alone unless there is a root password
and that password is entered at the prompt.
=========================================

~~~
mrb
To all people who type "sudo su - root": the much simpler "sudo -i"
accomplishes the same (-i launches an interactive shell).

~~~
kelnos
The "-i" option actually means "simulate Initial login" -- the idea being -i
will drop you into a shell as if you'd logged in as the user in a fresh
session. -s will also give you an interactive shell, but doesn't mess with the
environment.

(And both -i and -s can also _not_ give you an interactive shell, if you give
it a command to run. The point is that it will run the command in the shell
rather than just fork()ing and exec()ing like a bare sudo invocation would
do.)

~~~
etanol
Read carefully: "sudo -i" to replace "sudo su - root". You should check the
"su" manpage and look for the -/-l/--login option.

~~~
kelnos
I'm not objecting to that. I'm objecting to the (perhaps unintended) assertion
that "sudo -i" means "give me an interactive shell". It does happen to give
you an interactive shell (assuming you don't specify a command), but as a side
effect. "-s" gives you an interactive shell too, but the semantics are
different.

------
4ad
This is a great article and people quoting modern manual pages miss the point.
The point is that the meaning of su(8) changed and that is conveyed through an
nice anecdote where the author _discovers_ exactly how it changed.

In the research version of Tenth Edition Unix, su(8) is described as:

    
    
      su, setlog -- substitute userid temporarily, become super user
    

Which is an interesting intermediate step from today's (or rather 2.9BSD's)

    
    
      su -- substitute user identity
    

found in BSD derivatives.

Btw, the Tenth Edition manual was written mostly by Douglas McIlroy, inventor
of pipes. Even if the 1127 group imported outside code for the VAX versions of
research Unix (v8-10), they liked a particular kind of documentation, which
the imported code lacked, so they wrote their own. Dare I say the style of
research Unix manuals closely matches the style of Go documentation today
(unremarkable, considering the pedigree).

~~~
shizcakes
This comment has it correct. For those of you on a Mac (and I specifically
mention a Mac, due to its BSD userland utilities), you can see that this is
still defined this way today: type `man su` and you'll see:

    
    
        su -- substitute user identity

------
ppierald
I would recommend against using sudo su -, esp if you have <user> ALL=(ALL)
NOPASSWD: ALL or such constructs in your /etc/sudoers file that exempt
password requirements from executing sudo commands.

1\. su gives you a root shell. Principle of least privilege dictates you
should executes the fewest commands as root as required, not all commands as
root because you need one.

2\. sudo su - loses auditability of who executed what/when. All we know is
that someone got a sudo shell at some point. When the forensics guys come
along post-breach, you won't have a lot of good info to give them.

3\. Loss of a shell (via command injection on a web form) may allow remote
Command-and-Control of your machine.

If you need a cron or other headless process (daemons, etc.) then use NOPASSWD
in conjunction with a whitelisted set of commands (not /bin/bash) to be
executed.

If you need an operator to execute a command as a specific user, then use sudo
-u <user> <cmd>. Even if you allow ALL commands, at least your audit logs will
know what/when the command was executed.

With all powerful commands comes the responsibility of understanding how to
use them safely and what the possible repercussions are.

~~~
rlpb
In production, yes. For debugging on a test machine, or during a post-mortem,
it's just inconvenient not to. If the majority of your time is spent in the
shell of a production machine, you're doing something wrong.

------
nathell
When perusing early Unix code, it's striking how concise and down-to-the-point
it is. We've really accumulated a lot of cruft (mostly for the sake of
compatibility and feeping creaturism) over the years.

------
asveikau
A bit off topic, but man it really bugs me when people (like this author) say
"command" because they don't know the right word.

(A mistake made by this article)

"I wonder why the creat() command doesn't have an 'e'."

(Similar examples I've seen around the web)

"I'm using the printf command." "I was doing assembly programming and I used
the jump command."

Syscall! Function! Instruction! Let's be precise people.

~~~
wolfhumble
So to be even more precise ;-) are you treating Syscall, Function and
Instruction as synonyms?

~~~
mdwrigh2
I don't think he is. He references creat, printf and jump, which happen to be
a syscall, function and instruction, respectively.

------
zx2c4

        q = password;
        while((*q = getchar()) != '\n')
            if(*q++ == '\0')
                return;
    

Notably, you don't actually need the password... Buffer overflow!

------
acc00
My beard is rather short as of yet, but I've always read 'su' as an acronym
for 'setuid' (because that's what it does).

------
klrr
I think it really stands for "super user", here's its man page from Unix v1
<http://man.cat-v.org/unix-1st/1/su> .

~~~
UnoriginalGuy
> su allows one to become the super--user, who has all sortsof marvelous
> powers.

I enjoy how informal that man page is. All of today's man-pages would never
get away with "fun."

------
ams6110

      $ man su
    
      NAME
         su -- substitute user identity

~~~
sek
This.

I thought it meant super user too, but then I put in that command and said
"ah". Then I moved on with my life....

~~~
joeblau
It does stand for super user. The article cites the su.c code from 1975.

------
jasonkostempski
Taking 'super-user' to mean 'root' seems like a big assumption. Is there
anywhere in the Unixverse where root is specifically referred to as 'super-
user'? I sort of thought 'super-user' would refer to any user with higher
privileges. Well, really just different privileges, but why would you switch
to a user with lesser permission to preform the action you probably just got
denied? I assume the presented code was just that way because it covered 99%
of use cases and was good enough for then and that root is now the default
user for the same reason.

~~~
mturmon
I'm not 100% sure where you're going with all that, but there are legitimate
reasons for the super-user to "move down" into a specific user's identity --
for example, to be sure that files/directories created during some maintenance
are owned by that specific user, and have that user's umask applied. Another
instance would be file cleanups when the super-user specifically didn't want
to be able to delete arbitrary files. There are lots of other cases.

------
qompiler
What a cute su.c file!

You should see this beast in Solaris!

[http://src.opensolaris.org/source/xref/onnv/onnv-
gate/usr/sr...](http://src.opensolaris.org/source/xref/onnv/onnv-
gate/usr/src/cmd/su/su.c)

------
davidw
In Italian it means "up".

~~~
kunil
In Turkish, it is water

------
michaelfeathers
It's funny how the article and most of the comments here assume that there is
one meaning and it is "out there" for all of us to see. Maybe there isn't any
one definite meaning:
[http://michaelfeathers.typepad.com/michael_feathers_blog/201...](http://michaelfeathers.typepad.com/michael_feathers_blog/2013/02/the-
fallacy-of-one-definite-meaning.html)

------
bnegreve
> “su” was written to only change to the root user on the system. It wasn’t
> designed to switch to any other user that has an account. “su” meant “super-
> user”. I need to sit down for a second.

It is _slightly_ over dramatized, isn't it ? :)

------
tedchs
TL;DR: the author doesn't know, and lists the standard possibilities:
superuser, switch user, or subshell. From the article: "Well, I wish I had an
answer, but I don’t."

~~~
joshguthrie
TL;DR: Legacy code with gotos in it.

~~~
dwyer
Way to nitpick about goto while completely overlooking the obvious buffer
overflow.

~~~
jrockway
This was all I could think about when reading that code.

------
drucken
To old hands, su has always and will always mean _super user_. The meaning
does not "change" (even if the program does).

------
northisup
$ man su

SU(1) BSD General Commands Manual

NAME su -- substitute user identity

SYNOPSIS su [-] [-flm] [login [args]]

...

------
jonisalonen
Oh, so it isn't an acronym for suit-up?

</barney>

