[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#274229: System accounts with valid shells

* Steve Langasek <vorlon@debian.org>, 2014-01-09, 08:50:
I wonder whether noninteractive su to drop privileges from root to a system account (in maintainer scripts, etc.) should be discouraged altogether, in favour of something with argv rather than shell semantics, like sudo/chrootuid? You can always get back from argv-based to to shell-based semantics by using "sh -c '<command>'" as the final arguments, if you really need shell command-line parsing.

I've been using setuidgid from daemontools for this for years because su is much too heavy-weight and kept doing things I didn't want it to do.

For a lightweight, PAM-less uid switcher in Debian's base system, you probably want to use start-stop-daemon --chuid.

AFAICS neither setuidgid nor start-stop-daemon protects you from tty hijacking via TIOCSTI (see bug #628843).

Jakub Wilk

Reply to: