docs: update infor about TIOCSTI

Signed-off-by: Karel Zak <kzak@redhat.com>
2016-10-06 10:28:33 +02:00 · 2016-10-06 10:28:33 +02:00 · c39447445c
parent 2a8bdaf364
commit c39447445c
2 changed files with 13 additions and 2 deletions
--- a/Documentation/TODO
+++ b/Documentation/TODO
@ -1,6 +1,10 @@

 Note that items with (!) have high priority.

+su/runuser:
+  - (!) implement pty container for all su/runuser session (something like
+    script(1)) to separate user from the original terminal (see CVE-2016-2779)
+
 - add functions strtime_short(), strtime_iso(), strtime_ctime(), ...

 - cleanup lib/path.c:
--- a/Documentation/releases/v2.29-ReleaseNotes
+++ b/Documentation/releases/v2.29-ReleaseNotes
@ -4,8 +4,15 @@ Util-linux 2.29 Release Notes
 Security issues
 ---------------

-CVE-2016-2779 -- fixed by workeround based on libseccomp, the workaround
-                 disables TIOCSTI ioctl in su/runuser session.
+CVE-2016-2779
+
+This security issue is NOT FIXED yet.  It is possible to disable the ioctl
+TIOCSTI by setsid() only.  Unfortunately, setsid() has well-defined use cases
+in su(1) and runuser(1) and any changes would introduce regressions.  It seems
+we need a better way -- ideally another ioctl to disable TIOCSTI without
+setsid() or in userspace implemented pty container (planned as experimental
+feature).
+

 Stable maintenance releases between v2.28 and v2.29
 ---------------------------------------------------