>From the bug reporter: ===================================== su cannot be terminated by pressing ctrl+c (sending a SIGINT to the process). It appears this change was made about 4 years ago in response to bug #52372. There it was suggested the being able to terminate su was a security issue. This is a weak claim at best since the ability to su can be restricted to certain users and even with only one login, a user can run many instances of su concurrently.
However, my main point is that su does not ignore SIGQUIT and thus can be terminated immediately by pressing ctrl+\ . Other signals probably will terminate su as well. My suggestion is to revert the changes that ignore SIGINT during authentication. I suspect that this will be a simple change to reverse, but if you wish, I will gladly submit a patch for this. I am using the unstable distribution (sid) of Debian GNU/Linux. I suspect that this issue is present in other versions as well. This issue also exists in login version 4.0.3-30.4 using the testing distribution of Debian GNU/Linux. ===================================== This is done in 008_su_ignore_SIGINT Nicolas, could we also have su ignore SIGQUIT the same way? Would it be worth implementing upstream (both signal ignored) os is this too Debian specific? -- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
