* Steve Langasek <vor...@debian.org>, 2014-01-09, 08:50:
I wonder whether noninteractive su to drop privileges from root to a
system account (in maintainer scripts, etc.) should be discouraged
altogether, in favour of something with argv rather than shell
semantics, like sudo/chrootuid? You can always get back from
argv-based to to shell-based semantics by using "sh -c '<command>'"
as the final arguments, if you really need shell command-line
parsing.
I've been using setuidgid from daemontools for this for years because
su is much too heavy-weight and kept doing things I didn't want it to
do.
For a lightweight, PAM-less uid switcher in Debian's base system, you
probably want to use start-stop-daemon --chuid.
AFAICS neither setuidgid nor start-stop-daemon protects you from tty
hijacking via TIOCSTI (see bug #628843).
--
Jakub Wilk
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20140109172550.ga2...@jwilk.net
