On Wed, Jul 28, 2004 at 04:56:20PM +1000, Russell Coker wrote: > On Tue, 27 Jul 2004 07:48, Andrew Pimlott <[EMAIL PROTECTED]> wrote: > > If this is a real problem (which it sounds like), it's not specific to > > init scripts. Shouldn't it be fixed in su? > > Ideally yes. But that involves proxying all operations on the pseudo-tty > which is quite a difficult task.
Ok, I don't know enough about how terminals work. I thought from your description that there was some way to protect the terminal from the child by creating a new session or something. But if su is really as unsafe as you say, maybe the pseudo-tty is the right answer. I verified that if I "su - andrew bash" as root, then andrew can write to root's terminal, even after bash exits (just hold the fd open). I don't know how to go further, but from what you say I believe it's possible. Sounds scary. Andrew -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
