[Sudoscript-devel] Modification of script(1)
From: Howard O. <hb...@eg...> - 2002-04-25 07:08:14
I got a suggestion from Carl for a modification to sudoscript so
that it would only log commands typed by the user, so what you
would see in the log would be closer to what is there when a user
types sudo before everything. (Good user! Good!) I commented at the
time that the only way I could see to do this reliably would be to
modify script(1) to do the logging, since it's the only one that knows
for sure what is input and what is output. I have since had a look
at the Red Hat source for script (from util-linux-2.11f) and it looks
like it would be fairly easy to do. What script does is fork twice to
create three processes:

    (void) signal(SIGCHLD, finish);
    child = fork();
    if (child < 0) {
        perror("fork");
        fail();
    }
    if (child == 0) {
        subchild = child = fork();
        if (child < 0) {
            perror("fork");
            fail();
        }
        if (child)
            dooutput();
        else
            doshell();
    } else
        (void) signal(SIGWINCH, resize);
    doinput();
    return 0;

One child execs the shell, and one does the output to the typescript.
The parent does the input side, which is what we'd be interested in.
It looks like it would be trivial to hook in calls to syslog in the
input loop:

    void
    doinput() {
        register int cc;
        char ibuf[BUFSIZ];

        (void) fclose(fscript);
        while ((cc = read(0, ibuf, BUFSIZ)) > 0)
            (void) write(master, ibuf, cc);
        done();
    }

We could also tag the log output with the user's name, obtained by
a getpwuid at startup. I have several worries about how to integrate
something like this into sudoscript:
o portability
The Linux version appears to be based on BSD source, probably from
4.4BSDlite. This means porting to the *BSDs should be easy. However,
script uses ptys, which are different or non-existent on SysV derived
unices. I don't know if there are any freely available sysV sources
out there, so we might have to reinvent the wheel.
o complication
Even though sudoscript doesn't hand out any privileges, relying on sudo
for that, this is still security software, so keeping it simple is a
great virtue.
Maintaining a fork of script would complicate things.
I think we'd still want to offer the current style of logging, since
script(1) logs are a known (if not loved) quantity in the community.
Any thoughts?
(Carl, if you want, you can subscribe to sudoscript-devel by going to
http://lists.sourceforge.net/lists/listinfo/sudoscript-devel)
--
Howard Owen                     "Even if you are on the right
EGBOK Consultants               track, you'll get run over if you
hb...@eg... +1-650-339-5733     just sit there." - Will Rogers