[Pkg-shadow-devel] Bug#628843: Bug#628843: Bug#628843: (forw) Bug#628843: login: tty hijacking possible in "su" via TIOCSTI ioctl

Nicolas François nicolas.francois at centraliens.net
Sat Jun 11 15:12:54 UTC 2011


Hello,

One more point to be reviewed.

shadow-utils supports also configurations where PAM is not used.
In that case, su does not fork to exec the interactive shell / command, so
I cannot use setsid().

In that case, I intend to use:

#include <termios.h>
#include <sys/ioctl.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
	int fd;
	if ((fd = open ("/dev/tty", O_RDWR)) >= 0) {
		ioctl (fd, TIOCNOTTY, (char *) 0);
		close (fd);
	}

I think this should be sufficient to protect the terminal (i.e.
re-attaching to it is not possible). This looks simpler than:
	pid_t child = fork();
	if (child == -1) {
		...
	} else if (child > 0) {
		_exit(0);
	}
	setsid();
(In this version I would need again to handle the signals manually instead
of the _exit())

Also if the above ioctl is sufficient, is there a benefit from setsid()?

Best Regards,
-- 
Nekral





More information about the Pkg-shadow-devel mailing list