https://lists.debian.org/debian-devel/2014/01/msg00164.html Above is the URL for a post to debian-devel about su and exploits involving TIOCSTI ioctl. They mention runcon, should we be calling setsid() in there? I haven't inspected the runcon source recently, but a quick strace run on Debian/Unstable shows that setsid() isn't being called. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/ _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
