On Thu, Sep 03, 2009 at 02:58:13PM +0200, Jan Stary wrote:
| While switching from screen to tmux and trying out things,
| I noticed that being su'd to another user (who does not
| own the terminal I am running in) I cannot start tmux:
|
| $ id
| uid=1000(hans) gid=1000(hans) groups=1000(hans), 0(wheel), 5(operator)
|
| $ su - test
| Password:
|
| $ id
| uid=1001(test) gid=999(test) groups=999(test)
|
| $ tmux
| open terminal failed: /dev/ttyp4: Permission denied
|
| $ ls -l `tty`
| crw--w---- 1 hans tty 5, 4 Sep 3 14:41 /dev/ttyp4
|
| This happens on both 4.5 (tmux package) and 4.6 (base tmux).
| (In fact, screen behaves the same in this respect.)
|
| Obviously, this doesn't apply when I am su root, which
| - luckilly - is the most common case of using tmux for me.
| But I believe the following is a pretty common situation:
| an admin is only allowed to log in remotely via his 'regular'
| user account (say, 'joe'). Once he's logged in, he su's to
| 'admin' (who is in wheel and all that), and does his thing.
| Now, what if the 'admin' work calls for tmux? 'admin' cannot
| run tmux, because his terminal is owned by joe:tty.
|
| Is this a problem? If so, what would be the most elegant
| way of allowing su'd users to run tmux?
THIS IS BAD ADVISE, SECURITY-WISE
chmod a+w `tty` # before you su, of course
Please realize what this does before using it.
Paul 'WEiRD' de Weerd
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
