[91] in linux-security and linux-alert archive
Re: tty permissions
daemon@ATHENA.MIT.EDU (Andries.Brouwer@cwi.nl)
Fri Mar 10 03:43:08 1995
Date: Fri, 10 Mar 1995 08:33:45 +0100
From: Andries.Brouwer@cwi.nl
To: faith@cs.unc.edu, linux-security@tarsier.cv.nrao.edu
Reply-To: linux-security@tarsier.cv.nrao.edu
: > "MM" == Marek Michalkiewicz <ind43@ci3ux.ci.pwr.wroc.pl> writes:
: >
: > MM> I see one security problem with the standard util-linux login. When
: > MM> the user logs in, the permissions of this user's tty are set to 0622.
: > MM> [Explanation as to why this is A Bad Thing.]
: This was done this way in util-linux because it is the standard way of
: doing things in the unix world. The trade-off seems to be between having a
: writable tty when you want 'mesg y' and having a bunch of utilities setgid
: to tty (which might, in itself, be a security risk, but these utilities are
: fairly simple).
: I'll look into changing this for the next util-linux release.
I don't think mesg and family should be suid anything,
and I agree that tty permissions should be 0600 upon login.
People that want to allow messages can put "mesg y" in their .profile.
(I, and most people I know, have had "mesg n" in .profile the past
twenty years or so; giving people write permission to your tty
alows them to log you off ("stty 0 < /dev/tty1"), or do very obscure
things with tty modes and flags. Even when they have no malicious intent
it is very annoying to get some message across the output on your screen.)
Andries
