Public bug reported: [IMPACT]
[TEST CASE] [REGRESSION POTENTIAL] [OTHER INFORMATION] Debbug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815922 This is fixing a CVE vulnerability: https://security-tracker.debian.org/tracker/CVE-2016-2779 Restricting ioctl on the kernel side seems the better approach, patches have been posted to kernel-hardening list http://www.openwall.com/lists/oss-security/2016/02/27/1 https://marc.info/?l=util-linux-ng&m=145694736107128&w=2 2.31 introduces a new --pty option to separate privileged and unprivileged shells (not enabled by default and the cli switch is necessary). [ORIGINAL DESCRIPTION] After a discussion with security team on what would be their recommended way to run command as 'juju-user' inside the sosreport juju plugin which is run as root, in order to avoid using 'sudo' or 'su' command. The recommendation was to use 'runuser -P' runuser PTY support is present in Bionic and late, but not in Xenial. I'm opening this bug in the effort to update util-linux/runuser code in Xenial to add the PTY support. ** Affects: util-linux (Ubuntu) Importance: Undecided Status: Fix Released ** Affects: util-linux (Ubuntu Xenial) Importance: Undecided Status: New ** Tags: sts ** Tags added: sts ** Also affects: util-linux (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: util-linux (Ubuntu) Status: New => Fix Released ** Description changed: - After a discussion with security team on what would be their recommended - way to run command as 'juju-user' inside the sosreport juju plugin which - is run as root, in order to avoid using 'sudo' or 'su' command. + [IMPACT] + + [TEST CASE] + + [REGRESSION POTENTIAL] + + [OTHER INFORMATION] + + Debbug: + https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815922 + + This is fixing a CVE vulnerability: + https://security-tracker.debian.org/tracker/CVE-2016-2779 + + Restricting ioctl on the kernel side seems the better approach, patches have been posted to kernel-hardening list + http://www.openwall.com/lists/oss-security/2016/02/27/1 + https://marc.info/?l=util-linux-ng&m=145694736107128&w=2 + 2.31 introduces a new --pty option to separate privileged and unprivileged + shells (not enabled by default and the cli switch is necessary). + + [ORIGINAL DESCRIPTION] + After a discussion with security team on what would be their recommended way to run command as 'juju-user' inside the sosreport juju plugin which is run as root, in order to avoid using 'sudo' or 'su' command. The recommendation was to use 'runuser -P' runuser PTY support is present in Bionic and late, but not in Xenial. I'm opening this bug in the effort to update util-linux/runuser code in Xenial to add the PTY support. -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1828901 Title: add PTY support for runuser Status in util-linux package in Ubuntu: Fix Released Status in util-linux source package in Xenial: New Bug description: [IMPACT] [TEST CASE] [REGRESSION POTENTIAL] [OTHER INFORMATION] Debbug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815922 This is fixing a CVE vulnerability: https://security-tracker.debian.org/tracker/CVE-2016-2779 Restricting ioctl on the kernel side seems the better approach, patches have been posted to kernel-hardening list http://www.openwall.com/lists/oss-security/2016/02/27/1 https://marc.info/?l=util-linux-ng&m=145694736107128&w=2 2.31 introduces a new --pty option to separate privileged and unprivileged shells (not enabled by default and the cli switch is necessary). [ORIGINAL DESCRIPTION] After a discussion with security team on what would be their recommended way to run command as 'juju-user' inside the sosreport juju plugin which is run as root, in order to avoid using 'sudo' or 'su' command. The recommendation was to use 'runuser -P' runuser PTY support is present in Bionic and late, but not in Xenial. I'm opening this bug in the effort to update util-linux/runuser code in Xenial to add the PTY support. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1828901/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp