Hello.

This is due to changes introduced in su in shadow 4.1.5 to address
CVE-2005-4890. They amount, in sum, to dropping the controlling TTY
when su is used non-interactively.

While the threat of command injection does exist, shadow's omnidirectional
solution is overkill.

As I documented back in May (http://seclists.org/oss-sec/2013/q2/374),
crippling "su -c" when escalating privileges (i.e. callee is root)
is unwarranted. After all, we're not really worried about root
injecting commands to a non-privileged user.

Feel free to use the patch I constructed that addresses the issue
being reported when sux (or any other su frontend/wrapper) invokes
su non-interactively to escalate privs: 

http://sf.net/projects/mancha/files/misc/shadow-4.1.5.1_CVE-2005-4890_relax.diff

This patch makes sure the controlling terminal isn't dropped when
the callee is root while still protecting from command injection
from an unprivileged tty to a privileged one.

--mancha

