sesu - goes directly into root without requesting password
search cancel

sesu - goes directly into root without requesting password


Article ID: 257636


Updated On:


CA Privileged Access Manager - Server Control (PAMSC)


Logging into a server protected with PAM SC and issuing

sesu -

instead of the expected behaviour, whereby the password for the user is requested before switching to root, it goes straight in to root.

When this is happening, doing sewhoami -a before or after sesu - shows the user issuing the command to be already root and not the original user as it would be expected

However, if one has a session opened to the same server, and PAMSC is restarted then it works as intended in the first session and  the correct behaviour remains for as long as the session is not closed


Release : 14.1 and possibly other releases


Analysis of the traces shows that most processes are forked from sshd running in the server, so if sshd is not working properly (due to restarts or other interferences) it is possible that it allows this root access


Restarting sshd in the server may restore the correct behaviour.

However, if this is observed on a regular basis, investigation onto the behaviour of sshd should be carried out as there may be another underlying problem causing it not to work properly