On Sun, Sep 10, 2000 at 09:56:30PM +0200, Marco d'Itri wrote: > On Sep 10, Tom Lees <[EMAIL PROTECTED]> wrote: > > >Terminal devices [1] root.tty 0666 > This is obviously wrong, ttys must have 620 permissions (or 600 if you > don't want people talk(1)ing to you, but I think the default should be > to allow it). > It's a huge security hole because with a ioctl you can inject commands > into shells not owned by you.
For ttys "owned" by a shell that's true, but it's set up by login(1), not MAKEDEV (or devfsd). For other ttys (vcs, not serial etc.), the current behaviour of MAKEDEV is to create them root.root 0666. Serial devices are created root.dialout 0660. -- Tom Lees <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]