[373] in linux-security and linux-alert archive
Re: Problem with /dev/ttyp*
daemon@ATHENA.MIT.EDU (Jon Lewis)
Tue Sep 19 21:35:17 1995
Date: Tue, 19 Sep 1995 17:58:39 -0400 (EDT)
From: Jon Lewis <jlewis@inorganic5.chem.ufl.edu>
To: Joe Portman <baron@aa.net>
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.91.950919110219.19893D-100000@red.aa.net>
On Tue, 19 Sep 1995, Joe Portman wrote:
> cat /dev/ttyp? &
>
> It does not work every time, but occasionally it captures the login name
> and password of a careless user. It also prevents telnet logins on that
> ptyp/ttyp pair.
>
> 1. Is this a known bug? If so, how to fix it.
Looks known now...it works here too. :-)
> 2. If not, can you think of a workaround. I tried removing read permissions
> from the tty[p-s] series, but they come back after a telnet session exits.
They probably came back because in sys_term.c of the telnetd source they do:
(void) chmod(line, 0666);
(void) chown(line, 0, 0);
at logout on the tty/pty pair.
The question is, is there a reason for this. I don't see one...and will
try changing the mode to 0600 and compiling real soon...but I've had bad
luck compiling most of the stuff from the Netkits.
------------------------------------------------------------------
Jon Lewis | Mime attachments are OK
jlewis@inorganic5.chem.ufl.edu | But please ask before sending
http://inorganic5.chem.ufl.edu | unsolicited huge files.
|
_____Finger jlewis@inorganic5.chem.ufl.edu for PGP public key_____
