Bug 124960 - su adding CR when killed
Summary: su adding CR when killed
Status: RESOLVED NOT A BUG
Alias: None
Product: konsole
Classification: Applications
Component: general (show other bugs)
Version: unspecified
Platform: Debian testing Linux
: NOR normal
Target Milestone: ---
Assignee: Konsole Developer
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-04-05 11:18 UTC by thomas schorpp
Modified: 2006-05-12 16:43 UTC (History)
0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description thomas schorpp 2006-04-05 11:18:40 UTC 
Version:            (using KDE KDE 3.5.2)
Installed from:    Debian testing/unstable Packages
OS:                Linux

tom1:~# hdlock (without CR execution confirmation!), a customer script to lock the hd drives with ata-security is executed on kde logout->system shutdown and respective signals.

konsole must not execute scripts or call any CR-unconfirmed commands/executables at exit 
signals in any case.

bug severity was set to maximum cause this is a system security hazard that leaves 
the system in a broken state.

y
tom
Comment 1 thomas schorpp 2006-04-05 11:25:12 UTC 
bash version is 2.05b-26 debian stable.
Comment 2 Philip Rodrigues 2006-04-05 18:31:29 UTC 
I don't understand what you mean by CR confirmation. Could you explain more fully, and give the steps I would need to take to reproduce the bug?
Comment 3 thomas schorpp 2006-04-05 21:01:55 UTC 
CR=Carriage Return, Enter Key

1. open konsole
2. su to root
3. type some exe/script call like "echo shit_happens > 124960.txt" -dont press enter-
4. shutdown system with kde logout.

the command written at the prompt gets executed without confirmation 
by enter.
Comment 4 Philip Rodrigues 2006-04-06 23:51:05 UTC 
Same here. Only occurs when 'su' has been used. I didn't try 'su -' though. Do you get the same problem with 'su -'?
Comment 5 thomas schorpp 2006-04-07 08:59:40 UTC 
yes:

tom1:~# ls -l konsole.txt
-rw-r--r--  1 root root 5 Apr  7 08:29 konsole.txt

tom1:~# grep konsole.txt .bash_history
echo shit > konsole.txt

tom1:~# tail .bash_history
...
echo shit > konsole.txt

schorpp@tom1:~$ tail .bash_history
...
su -

now is konsole firing the echo on signal or bash on signal?
i cant see it clearly in the konsole sources.
should i forward a copy of this bug to bashbugs@gnu.org just 
to be sure the gnu guys are investigating this too?
Comment 6 Thorsten Roeder 2006-05-05 10:41:36 UTC 
It seems to be a su issue.
I'm getting the same when doing this on tty
(without using Konsole).

tty1:
su or su - to root
echo "BUG" > /tmp/124960.txt

tty2:
kill <PID of SU>
cat /tmp/124960.txt1

btw: my file name in /tmp has a trailing "1" added
before the echo signal is fired.

Thomas, yes please forward this issue. Thanks.
Comment 7 thomas schorpp 2006-05-05 10:50:54 UTC 
i have forwarded it weeks ago to "bashbugs@gnu.org" (whatever).
no answer.

it seems the gnu buglists or devs do only accept bugreport messages in console 
bugreport-tools formats.

pls some "old unix" guy should forward to gnu buglists.

;)
thx
Comment 8 Thorsten Roeder 2006-05-11 18:24:03 UTC 
bug report forwarded to the sudo maintainer since their bugzilla on http://www.sudo.ws/ is broken.
Comment 9 Kurt Hindenburg 2006-05-11 19:59:19 UTC 
I can't reproduce any of these examples... and not Konsole related.

GNU bash, version 3.1.16(1)-release (i686-pc-linux-gnu)                         
su: shadow-4.0.14-r1
Comment 10 thomas schorpp 2006-05-11 20:15:18 UTC 
then it was a bashbug in 2.05 debian stable.

suggest "fixed" status and forward to debian security maintainer *if* You open a docked konsole in konqueror and written stuff at the prompt *doesnt* get executed on cd'ing by mouseklick to other directory on the above konqueror directory treeview.
Comment 11 Kurt Hindenburg 2006-05-12 16:43:20 UTC 
glad it was fixed upstream