Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 15 Jun 2018 16:08:07 +0300
From: Georgi Guninski <guninski@...inski.com>
To: oss-security@...ts.openwall.com
Subject: Re: Are `su user' and/or `sudo -u user sh' considered
 dangerous?

On Thu, Jun 14, 2018 at 08:12:59PM +0200, Jakub Wilk wrote:
> Until su is fixed to allocate new pty, I recommend running it under a
> standalone terminal emulator, such as screen or tmux. This has also an
> advantage that it's possible to tell that the invoked program actually
> terminated, instead of just pretending to terminate and faking root shell
> UI.
>
Looks like util-linux currently supports pty's:
http://man7.org/linux/man-pages/man1/su.1.html
-P, --pty
              Create pseudo-terminal for the session.
...
This feature is EXPERIMENTAL for now and may be removed in the
              next releases.
 

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ