[Pkg-shadow-devel] Bug#663200: Bug#659878: cannot set terminal process group (-1): Inappropriate ioctl for device

Tim Connors reportbug at rather.puzzling.org
Fri May 10 05:18:14 UTC 2013


> I currently can't find any idea how to fix this issue.
>
> The security issue had to be solved by dropping the controlling
> terminal, so you cannot start a command that would interact with the
> current terminal. I don't have enough terminal handling skills to find
> another way to fix the security issue than by dropping the terminal.
>
> An option could be to keep the controlling terminal when su-ing to root.
> The issue would be less visible in sux (probably used mostly to gain
> root privileges), but even if the risk when su'ing to root is lower, it
> does not smell good.

Is this just a security risk when su'ing from root to an unprivileged
account (e.g., in init.d scripts), and that unprivileged account injects
keystrokes back into the root shell?  If it's not a risk when trying to
get into the root account and running something with -c where you desire
there to be a tty, then maybe you could keep the tty in that situation.

Or what about providing an extra flag (e.g., -C) where the user explicitly
acknowledges that they're happy to take on the risk that you have a
controlling tty and are executing a command with it?
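
An added illustration of the trade-off discussed in this thread (not part of the original message, and not su's own code): a child that drops its controlling terminal can no longer reach the caller's tty, and tcgetpgrp() then fails, on Linux typically with ENOTTY, "Inappropriate ioctl for device", the error in the subject line. Using setsid() as the way to drop the terminal is an assumption made here, and the function names are hypothetical.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if the calling process can open its controlling terminal. */
static int has_controlling_tty(void)
{
    int fd = open("/dev/tty", O_RDWR | O_NOCTTY);
    if (fd < 0)
        return 0;
    close(fd);
    return 1;
}

/* Fork a child that starts a new session (assumed mechanism: setsid()),
 * then report what the child can still do with the terminal.
 * Returns 0 if the child has no controlling tty and tcgetpgrp() fails,
 * 1 if it can still open /dev/tty, 2 if tcgetpgrp() still succeeds,
 * 3 if setsid() failed, -1 on fork/wait errors. */
int child_after_setsid(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (setsid() == (pid_t)-1)
            _exit(3);
        if (has_controlling_tty())
            _exit(1);
        if (tcgetpgrp(STDIN_FILENO) != (pid_t)-1)
            _exit(2);
        /* This is the failure an interactive shell reports at startup. */
        fprintf(stderr, "child: tcgetpgrp: %s\n", strerror(errno));
        _exit(0);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("parent has controlling tty: %d\n", has_controlling_tty());
    printf("child result after setsid(): %d\n", child_after_setsid());
    return 0;
}
```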


