
Re: init scripts and su



In article <200407281656.20481.russell@coker.com.au>,
Russell Coker  <russell@coker.com.au> wrote:
>On Tue, 27 Jul 2004 07:48, Andrew Pimlott <andrew@pimlott.net> wrote:
>> > During the time between the daemon launch and it closing its file
>> > handles and calling setsid(2) (which some daemons don't do because they
>> > are buggy) any other code running in the same UID could take over the
>> > process via ptrace, fork off a child process that inherits the
>> > administrator tty, and then stuff characters into the keyboard buffer
>> > with ioctl(fd,TIOCSTI,&c) (*).
>>
>> If this is a real problem (which it sounds like), it's not specific to
>> init scripts.  Shouldn't it be fixed in su?
>
>Ideally yes.  But that involves proxying all operations on the pseudo-tty 
>which is quite a difficult task.

Wait a minute. Is this about TIOCSTI only? You can only use TIOCSTI
on your controlling tty. After calling setsid(), stdin/stdout/stderr
are still connected to the tty, but that tty isn't the controlling
tty anymore. So TIOCSTI doesn't work at all.

So you don't need to close fd 0/1/2. Just make sure to fork()
(to make sure you're not a process group leader anymore) and
call setsid() before setuid() and TIOCSTI won't work.

Perhaps start-stop-daemon should have a command line option that
makes it fork() and setsid() (--setsid ?)

Mike.
-- 
The question is, what is a "manamanap".
The question is, who cares ?


