Su Must Be Suid To Work Properly Now

While making su SUID is necessary for its functionality, it also presents potential risks. For instance, if su is not properly secured, malicious users could exploit vulnerabilities to gain unauthorized access to sensitive areas of the system.

If my_tool tries to read a file owned by root (UID 0) with permissions set to 600 (read/write for owner only), the kernel checks the process EUID. It sees 1000, compares it to the file's owner (0), and immediately denies access. su must be suid to work properly

su tries to read /etc/shadow as the normal user → fails → aborts. While making su SUID is necessary for its

The setuid() call sets the effective user ID of the calling process. It sees 1000, compares it to the file's

Here is where the failure occurs. The system call used to change a user ID is setuid() . The kernel implements strict checks on this call. The manual page for setuid states (simplified):

Notice the permissions. Only root can read and write to this file (members of the shadow group may also read it depending on the distro).

su is trapped in a logic loop: To become root, it must already be root.