oss-sec mailing list archives

Re: TIOCSTI not going away

From: Karel Zak <kzak () redhat com>
Date: Sun, 4 Jun 2017 01:15:28 +0200

On Sat, Jun 03, 2017 at 06:58:13PM +0200, Solar Designer wrote:

In fact, just 2 days ago util-linux 2.30 was released with
the issue still deliberately not fixed:

https://marc.info/?l=util-linux-ng&m=149640144016887

| CVE-2016-2779 - This security issue is NOT FIXED yet.  It is possible to
|   disable the ioctl TIOCSTI by setsid() only.  Unfortunately, setsid()
|   has well-defined use cases in su(1) and runuser(1) and any changes
|   would introduce regressions.  It seems we need a better way -- ideally
|   another ioctl to disable TIOCSTI without setsid() or in a userspace
|   implemented pty container (planned as experimental su(1) feature).

I am posting this message primarily to let maintainers of userspace
su-like programs know that they should in fact proceed to implement


I'm working on this (su-* branches on github), but I'd like to do some 
refactoring to implement. So, let's hope the next release.

    Karel


-- 
 Karel Zak  <kzak () redhat com>
 http://karelzak.blogspot.com

Current thread:

TIOCSTI not going away Solar Designer (Jun 03)
- Re: TIOCSTI not going away Karel Zak (Jun 03)
- Re: TIOCSTI not going away Lizzie Dixon (Jun 03)
- Re: TIOCSTI not going away Solar Designer (Jun 29)
  - Re: TIOCSTI not going away Nick Kralevich (Jun 29)
  - Re: TIOCSTI not going away Todd C. Miller (Jun 29)
  - Re: TIOCSTI not going away Christos Zoulas (Jun 29)