[104] in linux-security and linux-alert archive
Re: tty permissions
daemon@ATHENA.MIT.EDU (Carlos Carvalho)
Fri Mar 10 16:42:40 1995
Date: Fri, 10 Mar 1995 13:13:32 -0300
From: Carlos Carvalho <carlos@snfep1.if.usp.br>
To: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <9503091513.aa19965@ci3ux.ci.pwr.wroc.pl>
Reply-To: linux-security@tarsier.cv.nrao.edu
Marek Michalkiewicz (ind43@ci3ux.ci.pwr.wroc.pl) wrote on 9 March 1995 15:13:
>I see one security problem with the standard util-linux login. When
>the user logs in, the permissions of this user's tty are set to 0622.
>This allows anyone to write anything, including some dangerous control
>codes
[deleted]
>But I think it would be better if the permissions were set to 0620, group
>"tty". Programs like write should be setgid tty and filter out control
>characters (write in util-linux already does this).
Agreed. Talk then must also be like this. On the other hand, one could
argue that the user can always change the permissions of /dev/tty...
I have a related question. Yesterday I was at the console, and someone
else "telneted" from a dos machine. He mistakenly called startx, and
the X server did start, changing the CONSOLE, where I was, from my vc
to the usual X vc (7, here). How can this be avoided? Do we have to
remove the permission from all the tty's?
Carlos
