su itself is quite secure. However, there are other tools which allow users to utilize other people's accounts.
.rhosts files are easy ways to bypass the passwd - if rsh,rlogin are on, you can act as another user as long as your ID is listed in the .rhosts file.
This is usually a security issue for a number of reasons:
1) poor syntax in the .rhosts file can lead to a server compromise. If Bob has a .rhosts file which says:
ralph bigserver
dave
Then ANY system which can answer as "bigserver" with a userid of "ralph" on it can gain access without a passwd. The "dave" entry is worse, as it doesn't care which server has a userid of "dave" it will have access.
This is how I accessed a server which lost the root passwd - through .rhost files. We saw the .rhosts file was readable for root, and saw a non-root user who was in the list. We logged into another UNIX host, su'd to that user, then used rlogin as root to access the locked out host, all without knowing the root passwd.
2) Daisychaining across hosts - Since many people use NFS to deliver /home/
, it will unwittingly give others inbound access to servers which the "account owner" never intended. For instance, Bob and Dave allow .rhosts between each other. Ralph convinces Bob that they should also share .rhosts. Bob has just given Ralph access to Dave's accounts.
"Any sufficiently advanced technology can be indistinguishable from magic" Arthur C. Clarke. My corollary - "Any advanced technology can be crushed with a sufficently large enough rock."
