* NEWS, src/su.c: Do not forward the controlling terminal to
commands executed with -c. This prevents tty hijacking which could
lead to execution with the caller's privileges. This required
forwarding signals from the terminal (SIGINT, SIGQUIT, SIGTSTP) to
the executed command.
nekral-guest
2011-06-05 14:41:15 +00:00
parent a8ca723277
commit b5403415f7
3 changed files with 64 additions and 14 deletions

NEWS

@@ -2,7 +2,11 @@ $Id$
shadow-4.1.4.3 -> shadow-4.1.5 UNRELEASED
- general
*** security
* su -c could be abused by the executed command to invoke commands with
the caller privileges. See below.
*** general
* report usage error to stderr, but report usage help to stdout (and return
zero) when explicitly requested (e.g. with --help).
* initial support for tcb (http://openwall.com/tcb/) for useradd,
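Review bot: The new security entry ends with "See below." but does not say where, so in a file this long the reader has to search for the matching item. Name the section the detailed entry sits under, and use the same wording as that entry ("the caller's privileges" rather than "the caller privileges"). The 4.1.4.3 security entry further down cites a CVE id; if one has been assigned for this issue, cite it here the same way.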
@@ -39,6 +43,9 @@ shadow-4.1.4.3 -> shadow-4.1.5 UNRELEASED
list of TTYs.
* Fixed warning and support for CONSOLE_GROUPS for users member of more
than 16 groups.
* Do not forward the controlling terminal to commands executed with -c.
This prevents tty hijacking which could lead to execution with the
caller's privileges.
- newgrp, sg, groupmems
* Fix parsing of gshadow entries.
- useradd
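Review bot: The detailed entry states the security effect but leaves out the behaviour change the commit message calls out: because the controlling terminal is no longer forwarded, su has to relay SIGINT, SIGQUIT and SIGTSTP from the terminal to the command run with -c. Add a line saying those signals are forwarded to the executed command, so that users running interactive or job-controlled commands through su -c know what to expect after upgrading.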
@@ -59,7 +66,7 @@ shadow-4.1.4.3 -> shadow-4.1.5 UNRELEASED
shadow-4.1.4.2 -> shadow-4.1.4.3 2011-02-15
*** security:
*** security
- CVE-2011-0721: An insufficient input sanitation in chfn can be exploited
to create users or groups in a NIS environment.
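Review bot: This hunk edits the heading of the already released 4.1.4.3 section (dated 2011-02-15), dropping the trailing colon from "*** security:", which is a cosmetic change unrelated to the su fix. Consider moving it to its own commit so the security fix can be picked onto other branches without also rewriting the notes of an earlier release.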