[390] in linux-security and linux-alert archive
Re: Problem with /dev/ttyp*
daemon@ATHENA.MIT.EDU (Zygo Blaxell)
Mon Sep 25 12:28:01 1995
From: Zygo Blaxell <zblaxell@miranda.uwaterloo.ca>
To: florian@jurix.jura.uni-sb.de
Date: Mon, 25 Sep 1995 01:30:37 -0400 (EDT)
Cc: jlewis@inorganic5.chem.ufl.edu, baron@aa.net,
linux-security@tarsier.cv.nrao.edu
Reply-To: zblaxell@calum.csclub.uwaterloo.ca
In-Reply-To: <199509201146.NAA18015@jurix.jura.uni-sb.de> from "Florian La Roche" at Sep 20, 95 01:46:01 pm
Quoted from Florian La Roche:
> The real problem is getty_ps, which has still a "chmod 666" in it, so that the
That's a bug. I found that months ago, and reported it to the author
(there's also a 'chown' that can be fooled by symlinks). (sigh,
that's like the fifth bug I found a year ago that's still floating
around everywhere. Maybe what Linux needs is a good solid WWW-accessible
bug database, if only so that developers can stop making the same mistakes
over and over again, and so distribution maintainers can stop compiling
binaries with the same bugs over and over again).
> time, people can start that "cat /dev/tty..." is pretty long.
> Fixing that, will give you a very short amount of time to do this.
> But you are right, that also telnetd should be changed to not do a
> "chmod 666" on exit. It should be "chmod 600" in my opinion.
If you do this, then emacs, script, term, and friends won't be able to
get pty services in programs. Not that this is a bad thing, though;
they will certainly not be able to use the pty's securely if just anyone
can open them.
--
Zygo Blaxell, former sysadmin and software/hardware guru for the University of
Waterloo Computer Science Club; current sysadmin for miranda.uwaterloo.ca and
Myrus Design, Inc. 10th place team, ACM Programming Contest International
Finals 1994. Will administer Unix (esp. Linux) for warm clothing or anime.
"I was finding holes in Netscape long ago; serious bugs any wannabe could
exploit. But now that _everyone_ is doing it, it's just not _cool_ any more."
