oss-sec mailing list archives
Re: Re: TTY handling when executing code in different lower-privileged context (su, virt containers)
From: Marcus Meissner <meissner () suse de>
Date: Tue, 6 Nov 2012 15:06:57 +0100
On Wed, Nov 07, 2012 at 12:37:25AM +1100, David Black wrote:
In both cases, paranoid administrators might decide to use /dev/null as stdin/stdout/stderr when just starting non-interactive programs in different context, while they could replace the privileged shell with exec when interactive context switch is needed (no shell, no escalation). Any opinions on that?

Perhaps if sudo/su determine if a user is running 'interactively' they could use a pseudo-pty?
There were fixes released btw ... (If we are talking about the same problem.)

SUSE at least did release fixes for the terminal character injection, by opening a new session. (CVE-2005-4890 is this whole issue I think.)

Ludwig Nussel tried to also use pseudo tty, but this gets kind of messy soon, especially if you start with the signal handling required (ctrl-z and ctrl-c over su are supposed to work...).

Funnily enough, after release one of our customers reported actually using code like:

    su nobody -c "echo Test >/dev/tty"

Ciao, Marcus