X-Git-Url: https://ruderich.org/simon/gitweb/?p=ptyas%2Fptyas.git;a=blobdiff_plain;f=README.adoc;fp=README.adoc;h=64c1fa7d46955fb7fc36403c18c6d913f7756b63;hp=0000000000000000000000000000000000000000;hb=09096d9ba0eb9bc938b7bd050a89abd949bf7257;hpb=192cbf9dfffa832434bf81a5ff7ee43190a3ce22 diff --git a/README.adoc b/README.adoc new file mode 100644 index 0000000..64c1fa7 --- /dev/null +++ b/README.adoc @@ -0,0 +1,63 @@ +README +====== + +ptyas is a small su/sudo replacement which prevents TTY hijacking by starting +a new session with a separate terminal and proxying all input. + +It must be run as root and changes the owner to the specified user name, +permanently dropping all root permissions. + +For details about the possible attacks see +https://ruderich.org/simon/notes/su-sudo-from-root-tty-hijacking + +ptyas is licensed under AGPL version 3 or later. + + +DEPENDENCIES +------------ + +- C99 compiler +- UNIX 98 pseudoterminals + + +USAGE +----- + + ptyas [] + +If no command is given, the user's shell is started. Otherwise the command is +executed (which is useful if the user's shell is disabled). + + +BUGS +---- + +If you find any bugs not mentioned in this document please report them to + with ptyas in the subject. + + +AUTHORS +------- + +Written by Simon Ruderich . + + +LICENSE +------- + +ptyas is licensed under AGPL version 3 or later. + +Copyright (C) 2016-2019 Simon Ruderich + +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU Affero General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU Affero General Public License for more details. + +You should have received a copy of the GNU Affero General Public License +along with this program. If not, see .