>>[...] I wonder about group tty. > > Group tty exists to support write(1), wall(1) and similar. Terminals > are writable by group tty when mesg is "y" (default for non-root users).
We have write(1) and wall(1) setgid tty (and not setuid root) because we do not trust them. Should audit the sources, then could have them setuid root and do away with group tty. What mischief can be done by getting group tty? Could we do only what write(1) does, or could we insert keystrokes into someone's terminal and so execute arbitrary code? Much of UNIX is designed on the idea that it is difficult to "get" another user or group. The use of NFS (for any files, for user files, and in particular for user home directories) blows away some of that difficulty, relying on the exporter to keep things safe. That is why most (all??) exporters use the root_squash option; but become-any-user-but-root and become-any-group-but-root remains possible. In the presence of NFS, we (the local machine) cannot fully protect users; but must still protect root. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
