Red Hat Bugzilla – Full Text Bug Listing
|Summary:||su -c does not need to call setsid() when target is root|
|Product:||[Fedora] Fedora||Reporter:||Russell Coker <russell>|
|Component:||coreutils||Assignee:||Tim Waugh <twaugh>|
|Status:||CLOSED RAWHIDE||QA Contact:|
|Fixed In Version:||5.97-6||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2006-07-21 11:06:24 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Russell Coker 2006-07-16 17:13:40 EDT
su -c currently calls setsid() to prevent TIOCSTI attacks as described in bug 173008. However such protection is not needed when running programs as root, only when running programs with lesser or incomparable privileges than the calling code. The attached patch makes "su root -c command" not call setsid() and also gives a command-line option -C which does the same as -c but doesn't call setsid() (note that it's very important that the default option calls setsid() to deal with some proprietary software that uses "su -c" in system scripts).
Comment 1 Russell Coker 2006-07-16 17:13:40 EDT
Created attachment 132532 [details] patch to fix this bug
Comment 3 Tim Waugh 2006-07-21 09:22:23 EDT
Fixed in CVS.