[Pkg-shadow-devel] Bug#663200: Bug#659878: cannot set terminal process group (-1): Inappropriate ioctl for device
Tim Connors
reportbug at rather.puzzling.org
Fri May 10 05:52:27 UTC 2013
severity 663200 grave
thanks
On Fri, 10 May 2013, Tim Connors wrote:
> > I currently can't find any idea how to fix this issue.
> >
> > The security issue had to be solved by dropping the controlling
> > terminal, so you cannot start a command that would interact with the
> > current terminal. I don't have enough terminal handling skills to find
> > other way to fix the security issue than by dropping the terminal.
> >
> > An option could be to keep the controlling terminal when su-ing to root.
> > The issue would be less visible in sux (probably used mostly to gain
> > root privileges), but even if the risk when su'ing to root is lower, it
> > does not smell good.
>
> Is this just a security risk when suing from root to an unprivileged
> account (eg, in init.d scripts), and that unprivileged account injects
> keystrokes back into the root shell? If it's not a risk when trying to
> get into the root account and running something with -c where you desire
> there to be a tty, then maybe you could keep the tty in that situation.
>
> Or what about providing an extra flag (eg, -C) where the user explicitly
> acknowledges that they're happy to take on the risk that you have a
> controlling tty and are executing a command with it?
Actually, the other thing you lose (I'm presuming caused by acting on bug
#628843) is tty resizing by SIGWINCH. ttys are really useful, it turns
out.
I have shedloads of up-to-date security patched RHEL5/6 machines, and I've
never come across this problem on them. Yep:
rhel6> su -c -u root 'cat /dev/tty'
Password:
asdasda
asdasda
debian-wheezy> su -c -u root 'cat /dev/tty'
Password:
cat: /dev/tty: No such device or address
Sorry, marking this bug as RC (pity I missed wheezy!), breaks other
software.
--
Tim Connors
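An added example (my own C, not code from this thread or from shadow-utils) that reproduces the mechanism behind the Debian output above: once a process has called setsid() it is a session leader with no controlling terminal, so open("/dev/tty") fails with ENXIO, which strerror renders as "No such device or address". It assumes Linux/POSIX and that /dev/tty exists.

```c
/* Added example: why a command started after the controlling terminal has
 * been dropped cannot reach /dev/tty.  The child calls setsid(), as su does
 * so the spawned process can no longer push input at the caller's tty, and
 * then tries to open /dev/tty exactly like `cat /dev/tty` would. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Returns 1 if the calling process can open its controlling terminal,
 * 0 otherwise; on failure errno is left as set by open(). */
int has_controlling_tty(void)
{
    int fd = open("/dev/tty", O_RDWR | O_NOCTTY);
    if (fd < 0)
        return 0;
    close(fd);
    return 1;
}

/* Fork a child, detach it from the controlling terminal with setsid(), and
 * return the errno its open("/dev/tty") produced (0 means it succeeded,
 * -1 means fork/wait failed).  Expected result on Linux: ENXIO. */
int tty_errno_after_setsid(void)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (setsid() < 0)          /* cannot fail for a fresh child */
            _exit(errno);
        if (has_controlling_tty())
            _exit(0);
        _exit(errno);               /* errno values fit in an exit status */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("parent has controlling tty: %s\n",
           has_controlling_tty() ? "yes" : "no");
    int err = tty_errno_after_setsid();
    printf("child after setsid(): open(/dev/tty) -> %s\n",
           err == 0 ? "ok" : strerror(err));
    return 0;
}
```

Run it from an interactive shell to see the parent succeed and the child fail; run it from a pipe or cron job and the parent fails too, which is the same condition su now puts every -c command into.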