Red Hat Bugzilla – Bug 199066
su -c does not need to call setsid() when target is root
Last modified: 2012-04-26 14:58:17 EDT
su -c currently calls setsid() to prevent TIOCSTI attacks as described in bug
However such protection is not needed when running programs as root, only when
running programs with lesser or incomparable privileges than the calling code.
The attached patch makes "su root -c command" not call setsid() and also gives
a command-line option -C which does the same as -c but doesn't call setsid()
(note that it's very important that the default option calls setsid() to deal
with some proprietary software that uses "su -c" in system scripts).
Created attachment 132532 [details]
patch to fix this bug
Fixed in CVS.