oss-sec mailing list archives
Re: TTY handling when executing code in different lower-privileged context (su, virt containers)
From: David Black <disclosure () d1b org>
Date: Wed, 7 Nov 2012 00:37:25 +1100
In both cases, paranoid administrators might decide to use /dev/null as stdin/stdout/stderr when just starting non-interactive programs in different context, while they could replace the privileged shell with exec when interactive context switch is needed (no shell, no escalation). Any opinions on that?
Perhaps if sudo/su determine if a user is running 'interactively' they could use a pseudo-pty ?
Current thread:
- TTY handling when executing code in different lower-privileged context (su, virt containers) halfdog (Nov 05)
- Re: TTY handling when executing code in different lower-privileged context (su, virt containers) vladz (Nov 06)
- <Possible follow-ups>
- Re: TTY handling when executing code in different lower-privileged context (su, virt containers) David Black (Nov 06)
- Re: Re: TTY handling when executing code in different lower-privileged context (su, virt containers) Marcus Meissner (Nov 06)