Re: init scripts and su
In article <200407281656.20481.russell@coker.com.au>,
Russell Coker <russell@coker.com.au> wrote:
>On Tue, 27 Jul 2004 07:48, Andrew Pimlott <andrew@pimlott.net> wrote:
>> > During the time between the daemon launch and it closing its file
>> > handles and calling setsid(2) (which some daemons don't do because they
>> > are buggy) any other code running in the same UID could take over the
>> > process via ptrace, fork off a child process that inherits the
>> > administrator tty, and then stuff characters into the keyboard buffer
>> > with ioctl(fd,TIOCSTI,&c) (*).
>>
>> If this is a real problem (which it sounds like), it's not specific to
>> init scripts. Shouldn't it be fixed in su?
>
>Ideally yes. But that involves proxying all operations on the pseudo-tty
>which is quite a difficult task.
Wait a minute. Is this about TIOCSTI only? You can only use TIOCSTI
on your controlling tty. After calling setsid(), stdin/stdout/stderr
are still connected to the tty, but that tty isn't the controlling
tty anymore. So TIOCSTI doesn't work at all.
So you don't need to close fd 0/1/2. Just make sure to fork()
(to make sure you're not a process group leader anymore) and
call setsid() before setuid() and TIOCSTI won't work.
Perhaps start-stop-daemon should have a command line option that
makes it fork() and setsid() (--setsid ?)
Mike.
--
The question is, what is a "manamanap".
The question is, who cares ?