On Tue, 27 Jul 2004 07:48, Andrew Pimlott <[EMAIL PROTECTED]> wrote:
> > During the time between the daemon launch and it closing its file
> > handles and calling setsid(2) (which some daemons don't do because they
> > are buggy) any other code running in the same UID could take over the
> > process via ptrace, fork off a child process that inherits the
> > administrator tty, and then stuff characters into the keyboard buffer
> > with ioctl(fd,TIOCSTI,&c) (*).
>
> If this is a real problem (which it sounds like), it's not specific to
> init scripts. Shouldn't it be fixed in su?

Ideally yes. But that involves proxying all operations on the pseudo-tty
which is quite a difficult task.

> Maybe your changes should happen in su by default, with a --leak-tty
> option if you want to keep the terminal.

I can't imagine us changing the way su works by default. The only way to
make "su user" not have this problem by default is to proxy the pseudo-tty
stuff.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
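The detach step the quoted paragraph expects of a daemon (close the inherited handles, call setsid(2)), written as an added example that is not code from this thread, from su or from any Debian package. It performs the detach in a forked child and verifies that no terminal is reachable afterwards; the names `detach_from_tty` and `launch_detached`, the 4096 descriptor cap, and doing this before the UID switch are assumptions of the example.

```c
#include <fcntl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Child side: new session first, then drop every inherited descriptor.
 * Returns 0 when no terminal is reachable any more, -1 otherwise. */
static int detach_from_tty(void)
{
    if (setsid() == -1)                  /* lose the controlling terminal */
        return -1;
    int nullfd = open("/dev/null", O_RDWR);
    if (nullfd == -1)
        return -1;
    for (int fd = 0; fd <= 2; fd++)      /* stdio no longer names the tty */
        if (dup2(nullfd, fd) == -1)
            return -1;
    long maxfd = sysconf(_SC_OPEN_MAX);
    if (maxfd < 0 || maxfd > 4096)
        maxfd = 4096;                    /* bound the sweep (assumed cap) */
    for (int fd = 3; fd < maxfd; fd++)
        close(fd);                       /* nullfd and any stray tty fds */
    for (int fd = 0; fd <= 2; fd++)
        if (isatty(fd))
            return -1;
    int tty = open("/dev/tty", O_RDWR | O_NOCTTY);
    if (tty != -1) {                     /* a controlling tty is still attached */
        close(tty);
        return -1;
    }
    return 0;
}

/* Parent side: fork so the child is not a process group leader (setsid needs
 * that). A real launcher would switch UID and exec where _exit(0) happens. */
int launch_detached(void)
{
    pid_t pid = fork();
    if (pid == -1)
        return -1;
    if (pid == 0)
        _exit(detach_from_tty() == 0 ? 0 : 1);
    int status;
    if (waitpid(pid, &status, 0) == -1)
        return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void) { return launch_detached() == 0 ? 0 : 1; }
```

Because the detach completes before the process takes on the target UID, there is no interval in which another process of that UID can attach to something that still holds the administrator's tty.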

