[Pkg-shadow-devel] Bug#628843: Bug#628843: use pty?
Alexander Gattin
xrgtn at yandex.ru
Thu Mar 7 09:10:14 UTC 2013
Hello,
On Wed, Mar 06, 2013 at 11:23:01AM -0600, Serge
Hallyn wrote:
> As mdeslaur has pointed out in irc, one solution
> would be to have interactive su use a new pty
> for the session. Not trivial,
and not very portable too. The best pty handling
is done by Expect (Tcl/Expect) IMHO, but its code
looks too complex.
Probably, we should do the simplified pty for
selected platforms (GNU/Linux, FreeBSD) and try
not to break others (and leave them vulnerable
until someone cares much).
> Alternatively, we could simply update the su man
> page to recommend su only be used for increasing
> privilege (becoming root), and recommend other
> means for dropping privilege or switching users.
IMHO we should do both -- first update the su man
page (and leave it so for other platforms), then
implement pty workaround for Linux and BSD and
restore su manpage for Linux/BSD.
--
With best regards,
xrgtn
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20130307/0f320164/attachment.pgp>
More information about the Pkg-shadow-devel
mailing list