From: Karel Zak <kzak@redhat.com>
Date: Thu, 6 Oct 2016 08:28:33 +0000 (+0200)
Subject: docs: update infor about TIOCSTI
X-Git-Tag: v2.29-rc2~18
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c39447445c12a21a85e42bc8dd7d70091298349d;p=thirdparty%2Futil-linux.git

docs: update infor about TIOCSTI

Signed-off-by: Karel Zak <kzak@redhat.com>
---

diff --git a/Documentation/TODO b/Documentation/TODO
index af00ab33bb..c86f0996ea 100644
--- a/Documentation/TODO
+++ b/Documentation/TODO
@@ -1,6 +1,10 @@
 
  Note that items with (!) have high priority.
 
+su/runuser:
+  - (!) implement pty container for all su/runuser session (something like
+    script(1)) to separate user from the original terminal (see CVE-2016-2779)
+
 - add functions strtime_short(), strtime_iso(), strtime_ctime(), ...
 
 - cleanup lib/path.c:
diff --git a/Documentation/releases/v2.29-ReleaseNotes b/Documentation/releases/v2.29-ReleaseNotes
index 656a6a9d6b..fe556039a2 100644
--- a/Documentation/releases/v2.29-ReleaseNotes
+++ b/Documentation/releases/v2.29-ReleaseNotes
@@ -4,8 +4,15 @@ Util-linux 2.29 Release Notes
 Security issues
 ---------------
 
-CVE-2016-2779 -- fixed by workeround based on libseccomp, the workaround
-                 disables TIOCSTI ioctl in su/runuser session.
+CVE-2016-2779
+
+This security issue is NOT FIXED yet.  It is possible to disable the ioctl
+TIOCSTI by setsid() only.  Unfortunately, setsid() has well-defined use cases
+in su(1) and runuser(1) and any changes would introduce regressions.  It seems
+we need a better way -- ideally another ioctl to disable TIOCSTI without
+setsid() or in userspace implemented pty container (planned as experimental
+feature).
+
 
 Stable maintenance releases between v2.28 and v2.29
 ---------------------------------------------------