diff options
| author | Eric Blake <ebb9@byu.net> | 2009-10-28 14:36:09 -0600 |
|---|---|---|
| committer | Eric Blake <ebb9@byu.net> | 2009-10-28 21:12:41 -0600 |
| commit | 1c59bb3cefff73c532033863e60e9130892a50dd (patch) | |
| tree | 42f89ad649d5be625ac200f044c3f7acd5ee5e08 /NEWS | |
| parent | 536a1fbe5ff47078d515a41ea4b45c4e0d794da2 (diff) | |
| download | coreutils-1c59bb3cefff73c532033863e60e9130892a50dd.tar.xz | |
nice, nohup, su: detect write failure to stderr
These programs can print non-fatal diagnostics to stderr prior to
exec'ing a subsidiary program. However, if we thought the situation
warranted a diagnostic, we insist that the diagnostic be printed
without error, rather than blindly exec, as it may be a security risk.
For an example, try 'nice -n -1 nice 2>/dev/full'. Failure to raise
priority (by lowering niceness) is not fatal, but failure to inform
the user about failure to change priority is dangerous.
* src/nice.c (main): Declare failure if writing advisory message
to stderr fails.
* src/nohup.c (main): Likewise.
* src/su.c (main): Likewise.
* tests/misc/nice: Test this.
* tests/misc/nohup: Likewise.
* NEWS: Document this.
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -21,6 +21,10 @@ GNU coreutils NEWS -*- outline -*- call fails with errno == EACCES. [the bug dates back to the initial implementation] + nice, nohup, and su now refuse to execute the subsidiary program if + they detect write failure in printing an otherwise non-fatal warning + message to stderr. + stat -f recognizes more file system types: afs, cifs, anon-inode FS, btrfs, cgroupfs, cramfs-wend, debugfs, futexfs, hfs, inotifyfs, minux3, nilfs, securityfs, selinux, xenfs |