oss-sec mailing list archives
Re: Are `su user' and/or `sudo -u user sh' considered dangerous?
From: Georgi Guninski <guninski () guninski com>
Date: Wed, 13 Jun 2018 12:54:54 +0300
On Wed, Jun 13, 2018 at 10:40:43AM +0300, Georgi Guninski wrote:
Is there POC for relatively new distros?
debian 8 and 9 are vulnerable to su - hostile: https://j.ludost.net/blog/archives/2018/06/13/ancient_su_-_hostile_vulnerability_in_debian_8_and_9/index.html what about the second potential vulnerability: reading root's tty after the session is closed with something like tee(1) ? several sources suggest disabling TIOCSTI or using setsid(), are they enough?
Current thread:
- Are `su user' and/or `sudo -u user sh' considered dangerous? Georgi Guninski (Jun 12)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Jakub Wilk (Jun 12)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Jordan Glover (Jun 12)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Todd C. Miller (Jun 12)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Georgi Guninski (Jun 13)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Georgi Guninski (Jun 13)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Jakub Wilk (Jun 14)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Georgi Guninski (Jun 15)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Jordan Glover (Jun 12)
- Re: Are `su user' and/or `sudo -u user sh' considered dangerous? Jakub Wilk (Jun 12)