|
|
Subscribe / Log in / New account

Sudo and its alternatives

Sudo and its alternatives

Posted Feb 21, 2024 20:49 UTC (Wed) by josh (subscriber, #17465)
In reply to: Sudo and its alternatives by sping
Parent article: Sudo and its alternatives

Current Linux does have an in-kernel approach to TIOCSTI mitigation as well.

That does not invalidate your point: yes, any alternative to sudo should carefully address TIOCSTI and TIOCLINUX, which the original sudo and sudo-rs both do but many other things don't.

to post comments

Sudo and its alternatives

Posted Feb 21, 2024 22:08 UTC (Wed) by sping (guest, #103256) [Link]

I would like to add that not all Linux distros disable TIOCSTI via default kernel config (Debian bookworm does not, Arch does), and it needs a recent enough kernel also to even have that option (not ignoring backports). Plus TIOCSTI has less common but benign use cases, so not everyone will be happy with disabling it system-wide even if technically possible.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds