[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: init scripts and su

On Tue, 27 Jul 2004 07:48, Andrew Pimlott <andrew@pimlott.net> wrote:
> > During the time between the daemon launch and it closing it's file
> > handles and calling setsid(2) (which some daemons don't do because they
> > are buggy) any other code running in the same UID could take over the
> > process via ptrace, fork off a child process that inherits the
> > administrator tty, and then stuff characters into the keyboard buffer
> > with ioctl(fd,TIOCSTI,&c) (*).
> If this is a real problem (which it sounds like), it's not specific to
> init scripts.  Shouldn't it be fixed in su?

Ideally yes.  But that involves proxying all operations on the pseudo-tty 
which is quite a difficult task.

> Maybe your changes should happen in su by default, with a --leak-tty
> option if you want to keep the terminal.

I can't imagine us changing the way su works by default.  The only way to make 
"su user" not have this problem by default is to proxy the pseudo-tty stuff.

http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to: