[1627] in linux-security and linux-alert archive
[linux-security] Unidentified subject!
daemon@ATHENA.MIT.EDU (Steven S. Dick)
Sat Sep 27 12:06:19 1997
Date: Sat, 27 Sep 1997 09:35:35 -0400 (EDT)
From: ssd@nevets.oau.org (Steven S. Dick)
To: tytso@MIT.EDU, <dholland@eecs.harvard.edu>, linux-security@redhat.com,
linu@nevets.oau.org
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
x-kernel@vger.rutgers.edu
Subject: Re: tty chowning
Newsgroups: mail.linux.kernel
In-Reply-To: <199709261901.PAA04763@dcl.MIT.EDU>
Organization:
Cc:
Bcc:
"Theodore Y. Ts'o" <tytso@MIT.EDU> writes:
> David Holland <dholland@eecs.harvard.edu> writes:
> } Why not build chowning into this process? On TIOCSCTTY, the tty would
> } chown itself to the effective uid of the current process and chmod
> } itself to 620. Then, on close, the tty would chown itself back to
> } root and chmod itself to 666.
>
>It's a not a bad idea, but it's not clear it meets your goal of not
>requiring any changes of any binaries. The problem is that in many
>cases, the TIOCSCTTY happens before the effective uid is set.
Yes, but in these cases, it is done by uid 0, and as David said,
the process can then chown the pty itself. Still no changes to the
program would be needed.
Steve
ssd@nevets.oau.org
--
----------------------------------------------------------------------
Please refere to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null