mailing list archives
Re: Re: TTY handling when executing code in different lower-privileged context (su, virt containers)
From: Marcus Meissner <meissner () suse de>
Date: Tue, 6 Nov 2012 15:06:57 +0100
On Wed, Nov 07, 2012 at 12:37:25AM +1100, David Black wrote:
In both cases, paranoid administrators might decide to use /dev/null
as stdin/stdout/stderr when just starting non-interactive programs in
different context, while they could replace the privileged shell with
exec when interactive context switch is needed (no shell, no escalation).
Any opinions on that?
Perhaps if sudo/su determine if a user is running 'interactively' they
could use a pseudo-pty ?
There were fixes released btw ... (If we are talking about the same
SUSE at least did release fixes for the terminal character injection,
by opening a new session.
(CVE-2005-4890 is this whole issue I think.)
Ludwig Nussel tried to also use pseudo tty, but this gets kind of
messy soon, especially if you start with the signal handling required
(ctrl-z and ctrl-c over su are supposed to work...).
Fun enough, after release one of our customers reported to actually use
su nobody -c "echo Test >/dev/tty"