On Thu, May 12, 2005 at 06:34:35PM +0200, Christian Perrier wrote: > > Ben Collins answer to #59439 seems to make sense to me. I tested all > this and, with the default setting of TTYPERM 0600 we have in Debian, > users cannot use write to another user unless that user issues "dmesg > y" in his/her terminal. > > This is a secure default which shouldn't probably be changed. > > So, the only concernis maybe adding some more comments to > /etc/login.defs:
A small reformulation, maybe. > # In Debian /usr/bin/bsd-write or similar programs are setgid tty > # However, the default and recommended value for TTYPERM is still 0600 > # to not allow anyone to write to anyone else console or terminal > # Users can overwrite this setting by using the "dmesg y" command Users can still allow other people to write them by issuing the "dmesg y" command. Thanks, Mt.
signature.asc
Description: Digital signature