https://bugzilla.mindrot.org/show_bug.cgi?id=2872
--- Comment #9 from Darren Tucker <[email protected]> --- I have two concerns: - I don't see how your change fixes it in the general case. Given the wall binary was not set[ug]id, how was your test user able to write to a mode 620 $user:$group pty? Given /dev/pts/3 in your example is has user:group mayank:staff I suspect both sender and recipients were members of "staff". - I don't see anything that sshd can currently do on AIX that does not reintroduce the unsafe behaviour we're trying to prevent. Rereading the discussion around CVE-2015-6565 (and in particular http://openwall.com/lists/oss-security/2017/01/31/13) it looks like that specific attack was a race in the Linux kernel, but my concern is that there's similar attacks on other platforms. Is it feasible to add a "tty" group make /usr/bin/wall setgid tty? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
