[81] in linux-security and linux-alert archive
Re: tty permissions
daemon@ATHENA.MIT.EDU (Jeff Uphoff)
Thu Mar 9 14:41:11 1995
Date: Thu, 9 Mar 1995 14:01:43 -0500
From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
To: linux-security@tarsier.cv.nrao.edu
In-Reply-To: Your message of Thu, March 9, 1995 15:13:21 +0100
Reply-To: linux-security@tarsier.cv.nrao.edu
"MM" == Marek Michalkiewicz <ind43@ci3ux.ci.pwr.wroc.pl> writes:
MM> I see one security problem with the standard util-linux login. When
MM> the user logs in, the permissions of this user's tty are set to 0622.
MM> [Explanation as to why this is A Bad Thing.]
MM> But I think it would be better if the permissions were set to 0620, group
MM> "tty". Programs like write should be setgid tty and filter out control
MM> characters (write in util-linux already does this).
Note that since this appears only to affect 'login' tty's ('xterm' sets
perm's correctly to 0620, group "tty"), if a person is running X on the
system then the util's such as 'write' and 'wall' need to be setgid
anyway to work as intended. (At least in "stock" Slackware this is the
case...)
MM> In fact, the code to set right tty permissions exists in util-linux login.
MM> You only need to change a few #ifdefs and change mesg so it can set right
MM> permissions. Are there any good reasons it has not been done yet?
I hadn't noticed the interesting (Slackware-based) 'mesg'
permission-setting before (this is an 'xterm' tty):
<opens fresh 'xterm'>
juphoff.tarsier<501> tty
/dev/ttyp1
juphoff.tarsier<502> ls -l /dev/ttyp1
crw--w---- 1 juphoff tty 4, 193 Mar 9 13:50 /dev/ttyp1
juphoff.tarsier<503> mesg
Is n
juphoff.tarsier<504> mesg y
juphoff.tarsier<505> ls -l /dev/ttyp1
crw--w--w- 1 juphoff tty 4, 193 Mar 9 13:51 /dev/ttyp1
juphoff.tarsier<506> mesg n
juphoff.tarsier<507> ls -l /dev/ttyp1
crw------- 1 juphoff tty 4, 193 Mar 9 13:51 /dev/ttyp1
It might be worth passing the word to distribution maintainers that the
util's should probably be compiled more "restrictively" if there is such
an option and it isn't (or doesn't become) the default. (Are there any
conflicting views on this out there?) I know Marc Ewing (of Red Hat) is
on this channel, but I don't know if any other distribution maintainers
are.
If you're a distribution maintainer, could you please drop us a line?
("owner-linux-security@linux.nrao.edu" is best, since that's both Olaf
and me.) It'd be nice to know who in that field is on here and who
isn't.
Thanks much!
--Up.
--
Jeff Uphoff - systems/network admin. | juphoff@nrao.edu
National Radio Astronomy Observatory | jeff.uphoff@linux.org
Charlottesville, VA, USA | http://linux.nrao.edu/~juphoff/
