As information at present I have a bit more time left in testing and reworking the patch I sent with #141 which has some smaller issues with signalling mostly SIGSTOP and SIGCONT and I hope that I can submit the rework during this weekend.
@Serge I'm sorry but I couldn't reproduce the behaviour as You submitted with #146 and therefore I would like to ask You if You could provide me with the checksums as in the .dsc file, if You run on 32Bit or 64Bit and if You have USE_PAM enabled or not. Maybe I might be able to improve the patch or to fix that issue. >> Actually, the other thing you lose (I presuming caused by acting on bug >> #628843) is tty resizing by SIGWINCH. ttys are really useful, it turns >> out. >> No, this clearly comes from the tcsetpgrp() call inside bash returning -1 with errno set to ENOTTY because of the missing controlling tty. > > As per some comments in #628843, the way this bug was addressed breaks su > -c to increase privledges. It also breaks su -c to become a user and > execute something interactive. Root isn't going to be doing stupid things > and running scripts that have been compromised (if they are, then they've > got bigger problems), so what's the problem? (why on earth would root ever > su to an untrusted user account?) I think this change should just be > backed out, and a prominent warning about the tty exploit placed in the > manpage. > But this would be fixed with the patch in #141 without having any restrictions. However, I don't agree with the statement that 'root' would never su to an untrusted user account beside that, that from administrator point of view every user account is 'untrusted' and in fact it is quite often that this happens that 'root' is su'ing to non privileged users beside using a lot of starting and maintenance scripts which are invoking su. IMHO it is better to fix what is fixable to improve quality and safety instead of making workarounds and warnings. Best regards Wolf -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
