13 Nov
2024
13 Nov
'24
9:45 p.m.
On 2024-11-13 12:29+0000, Alain D D Williams via BitFolk Users wrote:
# ps -f
UID PID PPID C STIME TTY TIME CMD
root 28669 28644 0 01:52 pts/1 00:00:00 sudo -s
root 28670 28669 0 01:52 pts/1 00:00:00 /bin/bash
root 28979 28670 0 01:59 pts/1 00:00:00 ps -f
# ps -fp28644
UID PID PPID C STIME TTY TIME CMD
root 28644 1819 0 01:51 pts/0 00:00:00 sudo -s
What is happening ?
Kernel < 6.1 that allows the process you sudo'd to write back to the
user who ran the sudo when not using a pty for the process. It is fixed
in later kernels, but is a linux specific thing AKA antijack.
I took the decision to not fix this in please (my sudo-like program) as
it's fixed in kernel now, and if you were to:
cat image.iso | please dd of=/dev/sdd
Then that dd would be run in a pty and the data has to be bucketed
through the master/slave of the pty, which isn't green. When not using a
pty it's just stdio as normal.
I don't think many people use the pty logger either, I could be entirely
wrong about it all, but went with my gut and didn't think it was ideal
given all the code overhead, which itself can present more issues
(signal handling too etc). Everything is solvable of course...
Ed