[Pkg-shadow-devel] Bug#628843: login: tty hijacking possible in "su" via TIOCSTI ioctl
Simon Ruderich
simon at ruderich.org
Mon Oct 3 19:34:14 UTC 2016
On Mon, Oct 03, 2016 at 09:22:50PM +0200, up201407890 at alunos.dcc.fc.up.pt wrote:
> Loss of job control in the shell.
I'm confused. I'm not talking about removing the controlling
terminal, but instead spawning a new session, opening a new pts
and connecting that to the program. This way the program has a
tty, job control works, but the tty is different and therefore
can't be controlled by the less-privileged account.
Regards
Simon
--
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-shadow-devel/attachments/20161003/b34c49f9/attachment.sig>
More information about the Pkg-shadow-devel
mailing list