Re: init scripts and su
On Tue, 27 Jul 2004 07:48, Andrew Pimlott <firstname.lastname@example.org> wrote:
> > During the time between the daemon launch and it closing it's file
> > handles and calling setsid(2) (which some daemons don't do because they
> > are buggy) any other code running in the same UID could take over the
> > process via ptrace, fork off a child process that inherits the
> > administrator tty, and then stuff characters into the keyboard buffer
> > with ioctl(fd,TIOCSTI,&c) (*).
> If this is a real problem (which it sounds like), it's not specific to
> init scripts. Shouldn't it be fixed in su?
Ideally yes. But that involves proxying all operations on the pseudo-tty
which is quite a difficult task.
> Maybe your changes should happen in su by default, with a --leak-tty
> option if you want to keep the terminal.
I can't imagine us changing the way su works by default. The only way to make
"su user" not have this problem by default is to proxy the pseudo-tty stuff.
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page