login -f changing session getlogin(2)
Bryan Drewery
bdrewery at FreeBSD.org
Wed Oct 21 16:58:00 UTC 2015
On 10/3/2015 2:08 PM, Jilles Tjoelker wrote:
> On Thu, Oct 01, 2015 at 03:02:21PM -0700, Bryan Drewery wrote:
>> Can't we use something like forkpty(3) for the child to avoid the issues
>> you mention? It calls setsid(2) via login_tty(3).
>
> This would make sense for a special impersonation tool or for a paranoid
> version of su, but not for a normal login.
>
> You can do this right now using script(1), for example
> script /dev/null login -f SOMEUSER
>
Leaving this bug here in unacceptable to me. It is a clear POLA
violation and is sternly documented in setlogin(2) as the wrong thing to do.
There seems to be unwillingness to discuss actual potential fixes.
--
Regards,
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20151021/08999bbc/attachment.bin>
More information about the freebsd-arch
mailing list