Re: Command 'su' is not working in virtual console

To: debian-security@lists.debian.org
Subject: Re: Command 'su' is not working in virtual console
From: Bart-Jan Vrielink <bartjan@vrielink.net>
Date: Fri, 16 Dec 2011 21:59:33 +0100
Message-id: <[🔎] 4EEBB135.6060300@vrielink.net>
In-reply-to: <[🔎] 20111216205326.GC11248@snarl.nl>
References: <[🔎] 20111216205326.GC11248@snarl.nl>

On 12/16/11 21:53, Freddy Spierenburg wrote:

Hi (first message) Bart-Jan and (second) Marko,

On Fri, Dec 16, 2011 at 09:32:05PM +0100, Bart-Jan Vrielink wrote:

You shouldn't be able to strace suid programs.

Please enlighten me, why not?

suid/setuid means that the program runs as another user. Being able totrace system calls for another user is a security risk. When strace isasked to run a setuid program, it will ignore the setuid bit, which isnot what you want.

Reply to:

Follow-Ups:
- Re: Command 'su' is not working in virtual console
  - From: frederic ollivier <frederic@ollivier.info>

References:
- Re: Command 'su' is not working in virtual console
  - From: Freddy Spierenburg <freddy@snarl.nl>

Prev by Date: Re: Command 'su' is not working in virtual console
Next by Date: Re: Command 'su' is not working in virtual console
Previous by thread: Re: Command 'su' is not working in virtual console
Next by thread: Re: Command 'su' is not working in virtual console
Index(es):
- Date
- Thread