This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 199066 - su -c does not need to call setsid() when target is root
su -c does not need to call setsid() when target is root
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: coreutils (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tim Waugh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-07-16 17:13 EDT by Russell Coker
Modified: 2012-04-26 14:58 EDT (History)
1 user (show)

See Also:
Fixed In Version: 5.97-6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-07-21 11:06:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
patch to fix this bug (2.75 KB, patch)
2006-07-16 17:13 EDT, Russell Coker
no flags Details | Diff

  None (edit)
Description Russell Coker 2006-07-16 17:13:40 EDT
su -c currently calls setsid() to prevent TIOCSTI attacks as described in bug 
173008.

However such protection is not needed when running programs as root, only when 
running programs with lesser or incomparable privileges than the calling code.

The attached patch makes "su root -c command" not call setsid() and also gives 
a command-line option -C which does the same as -c but doesn't call setsid() 
(note that it's very important that the default option calls setsid() to deal 
with some proprietary software that uses "su -c" in system scripts).
Comment 1 Russell Coker 2006-07-16 17:13:40 EDT
Created attachment 132532 [details]
patch to fix this bug
Comment 3 Tim Waugh 2006-07-21 09:22:23 EDT
Fixed in CVS.

Note You need to log in before you can comment on or make changes to this bug.