[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: /sbin/restorecon and hard links



On Thursday 16 February 2006 01:44, Stephen Smalley <sds tycho nsa gov> wrote:
> issues.  su has its own issues irrespective of SELinux; never su to an
> untrusted account.

It should be safe if you login at the console and run "exec su - hostile", 
that way the shell from your account has already terminated before the su 
program runs anything on behalf of the hostile user.  The same goes for 
running "exec su" from an xterm.  If you ssh as a non-root user and have to 
su to root then you would do "exec su - root" followed by "exec su - hostile"

Also it should be safe to do "su hostile -c command" as there is special-case 
code in recent versions of the su program in Fedora to drop the controlling 
tty when the -c option is used.

But apart from these cases, don't su to a hostile account.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]