bug#24541: runcon tty hijacking via TIOCSTI ioctl

bug-coreutils

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#24541: runcon tty hijacking via TIOCSTI ioctl

From:	Kamil Dudka
Subject:	bug#24541: runcon tty hijacking via TIOCSTI ioctl
Date:	Mon, 28 Aug 2017 13:24:41 +0200

On Monday, August 28, 2017 11:51:12 AM CEST Pádraig Brady wrote:
> On 29/09/16 08:15, Bernhard Voelker wrote:
> > On 09/26/2016 05:53 PM, Paul Eggert wrote:
> >>> "I don't think we need to fix this for runcon, as it isn't as
> >>> sandboxing tool like sandbox, and the loss of job control would likely
> >>> be much more noticeable for runcon."
> >> 
> >> Thanks, closing the debbugs bug report.
> > 
> > FWIW Karel just committed a workaround for su/runuser in util-linux
> > using libseccomp:
> > 
> > https://github.com/karelzak/util-linux/commit/8e492501

Note that the above mentioned commit was reverted long time ago:

https://github.com/karelzak/util-linux/commit/23f75093

Kamil

> I think this issue is worth addressing with libseccomp.
> That lib is a widely used dependency on SELinux systems
> so not a significant dependency to add.
> The attached uses libseccomp if available,
> and falls back to using setsid() in the edge cases where not.
> 
> cheers,
> Pádraig

[Prev in Thread]

Current Thread

[Next in Thread]

bug#24541: runcon tty hijacking via TIOCSTI ioctl, Pádraig Brady, 2017/08/28
- bug#24541: runcon tty hijacking via TIOCSTI ioctl, Kamil Dudka <=

Prev by Date: bug#24541: runcon tty hijacking via TIOCSTI ioctl
Next by Date: bug#28224: Need to know technical support for GnuWin32: CoreUtils 5.3.0 versions
Previous by thread: bug#24541: runcon tty hijacking via TIOCSTI ioctl
Next by thread: bug#28290: Fwd: tail: unrecognized file system type 0x794c7630
Index(es):
- Date
- Thread