On Sun, Sep 10, 2000 at 09:56:30PM +0200, Marco d'Itri wrote:
> On Sep 10, Tom Lees <[EMAIL PROTECTED]> wrote:
> 
>  >Terminal devices [1]                                root.tty 0666
> This is obviously wrong, ttys must have 620 permissions (or 600 if you
> don't want people talk(1)ing to you, but I think the default should be
> to allow it).
> It's a huge security hole because with a ioctl you can inject commands
> into shells not owned by you.

For ttys "owned" by a shell that's true, but it's set up by login(1), not
MAKEDEV (or devfsd). For other ttys (vcs, not serial etc.), the current
behaviour of MAKEDEV is to create them root.root 0666. Serial devices are
created root.dialout 0660.

-- 
Tom Lees <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to