[Bug 1223873] Re: sux "cannot set terminal process group ...." error
mancha
mancha1 at hush.com
Thu Dec 26 21:09:22 UTC 2013
Hello.
This is due to changes introduced in su in shadow 4.1.5 to address
CVE-2005-4890. They amount, in sum, to dropping the controlling TTY when
su is used non-interactively.
While the threat of command injection does exist, shadow's omni-
directional solution is overkill.
As I documented back in May (http://seclists.org/oss-sec/2013/q2/374),
crippling "su -c" when escalating privileges (i.e. callee is root) is
unwarranted. After all, we're not really worried about root injecting
commands to a non-privileged user.
Feel free to use the patch I constructed that addresses the issue being
reported when sux (or any other su frontend/wrapper) invokes su non-
interactively to escalate privs:
http://sf.net/projects/mancha/files/misc/shadow-4.1.5.1_CVE-2005-4890_relax.diff
--mancha
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1223873
Title:
sux "cannot set terminal process group ...." error
Status in “shadow” package in Ubuntu:
Confirmed
Status in “sux” package in Ubuntu:
Confirmed
Status in “shadow” package in Debian:
Confirmed
Status in “sux” package in Debian:
Confirmed
Bug description:
After migration from precise to raring I can't use sux in a reliable
manner.
1. After invocation I got the error message:
bash: cannot set terminal process group (-1): Inappropriate ioctl for device bash: no job control in this shell
2. Pressing Ctrl+C kills the entire session
---
Ubuntu Bug Squad volunteer triager
http://wiki.ubuntu.com/BugSquad
ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: sux 1.0.1-6
ProcVersionSignature: Ubuntu 3.8.0-31.46-generic 3.8.13.8
Uname: Linux 3.8.0-31-generic x86_64
NonfreeKernelModules: nvidia
ApportVersion: 2.9.2-0ubuntu8.4
Architecture: amd64
Date: Wed Sep 11 15:15:19 2013
MarkForUpload: True
PackageArchitecture: all
SourcePackage: sux
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1223873/+subscriptions
More information about the foundations-bugs
mailing list