Re: Fwd: init scripts and su

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Fwd: init scripts and su
Date: 2004-08-06 04:43:54
Message-ID: 7009.1091767434@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> For your amusement...

> During the time between the daemon launch and it closing it's file
> handles and calling setsid(2) (which some daemons don't do because
> they are buggy) any other code running in the same UID could take over
> the process via ptrace, fork off a child process that inherits the
> administrator tty, and then stuff characters into the keyboard buffer
> with ioctl(fd,TIOCSTI,&c) (*).

(a) And there would be untrusted code running as postgres exactly why?

(b) Seems to me the real security bug here is the mere existence of that
ioctl call.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Greg Stark 2004-08-06 04:48:15 Upgrade path for contrib modules
Previous Message Bruce Momjian 2004-08-06 04:25:06 Re: pgxs: build infrastructure for extensions v4