bug-bash
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Pkg-shadow-devel] Bug#476519: shell-mode garbles input


From: jidanni
Subject: Re: [Pkg-shadow-devel] Bug#476519: shell-mode garbles input
Date: Fri, 02 May 2008 23:27:00 +0800

SC> Try
SC> sudo env -i SHELLOPTS=xtrace su -p - nobody
(I don't use sudo)
uid=0(root) gid=0(root) groups=0(root)
# env -i SHELLOPTS=xtrace su -p - nobody
+ PATH=/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games
+ '[' /bin/sh ']'
+ PS1='\u@\h:\w\$ '
+ export PATH
+ umask 022
nobody@jidanni2:/root$ kill -1 $$
+ kill -1 6215
# env -i SHELLOPTS=xtrace su -p - nobody
+ PATH=/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games
+ '[' /bin/sh ']'
+ PS1='\u@\h:\w\$ '
+ export PATH
+ umask 022
nobody@jidanni2:/root$ logout
#

Above on my first attempt the shell stayed alive, so I typed kill -1
$$ (instead of exit, so it would be clear that I typed it, as that is
something the "magic hand" never uses.) On the second and later
attempts, some magic hand typed "logout" for me. The magic hand also
sometimes types "exit"...

SC> nobody's shell is sh (being bash) or bash, right?
SC> $ getent passwd nobody
SC> nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
Same here.
SC> $ dpkg -S "$(command -v su)"
SC> login: /bin/su
Same here.
$ ls -og /bin/sh
lrwxrwxrwx 1 4 2008-04-29 07:04 /bin/sh -> bash
SC> Which su is your su? Is it using PAM?
SC> $ ldd /bin/su
same here except for the hex numbers.
SC> $ grep '^[^#]' /etc/pam.d/su
Same here.
SC> (also check the included files).
Never touched them.
$ cd /etc/pam.d&&find * -atime -1 -type f|xargs ls -og
-rw-r--r-- 1  392 2005-07-26 16:48 common-account
-rw-r--r-- 1  436 2005-07-26 16:48 common-auth
-rw-r--r-- 1 1097 2005-07-26 16:48 common-password
-rw-r--r-- 1  372 2005-07-26 16:48 common-session
-rw-r--r-- 1  289 2005-07-05 22:45 cron
-rw-r--r-- 1 2843 2006-09-17 15:22 login
-rw-r--r-- 1  520 2003-09-01 06:21 other
-rw-r--r-- 1 2305 2006-07-14 19:05 su
-rw-r--r-- 1  289 2007-08-13 23:54 xdm
The only thing I tampered with is probably just making a
$ ls -og /etc/environment
-rw-r--r-- 1 0 2008-05-02 03:37 /etc/environment
to stop the warning in /var/log/auth.log if it is absent.
The pam stuff came with my Debian sid installation and apt-get says
removing it "should NOT be done unless you know exactly what you are
doing!" i.e., not me, so I dare not touch it.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]