[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/ttyS? dialin/dialout and modes.

On Apr 22, Miquel van Smoorenburg wrote
> I've just filed bug reports against mgetty, getty and getty-ps mentioning
> that they should set the tty device to owner uucp:dialout, mode 0660.

i can change that in makedev, but currently it creates all tty* deveices
with 660 root.dialout ...

> Now I see that the bootfloppies have the /dev/ttySx devices owned by
> root instead of uucp. I think this is a bug, but I don't know how
> to file a bug report against the disks-i386 directory..

i don't know why they should be owned by uucp ...

> Note that UUCP still is an important subsystem, and that currently some
> parts of it (uucico) are setgid dialout, and so other programs have to
> be setuid uucp to call uucico etc. 

??? uucico is sgid dialout, so it can access /dev/tty*. no need to
change owner to uucp...
and uucico is also suid uucp, so any program can call it (it doesn't
need to be also sgid uucp).

> As not all programs of the uucp suite were designed foor this I'm not
> quite sure it is 100% safe, so I think the owner of the dialout
> devices should be uucp:dialout instead of root:dialout.

on my system, only two uu* programs are suid/sgid :
uucp is suid uucp, and uucico is suid uucp sgid dialout. that's fine.

changing root:dialout to uucp:dialout is unneccessary, as uucp is
working ok, and you will not win anything. uucp still has to be suid
uucp, and also uucico has to be suid uucp.

and having uucico sgid dialout isn't a bad thing IMO.

> The same goes for makedev (actually /etc/makedev.cfg); should I file
> a bug report against that as well?

i can change it today, but i don't know, whats wrong with it...
uucp does not need to have tty* user uucp. you would not need to make
uucico sgid dialout, but is that a bad thing ?
you could however make uucico 6754 (now it's 6755), so only users in
group dialout can force uucico to dialout (and waste money)..

> As soon as that has been sorted out I think we can stop using /dev/cua*
> totally; 

new makedev >> 1.6-1 doesn't create cu* devices by default. if you want
them, you wil lhave to create them with "MAKEDEV serial-cu" or 
"MAKEDEV cua0 cua1 ..."

> I've been using /dev/ttyS* exclusively for some time and
> it seems to work fine (using mgetty for dialin and /etc/mgetty/login.config
> setup to set the device owner/modes to uucp:dialout 0660. That should
> be a compiled-in default).

same for me. but i still don't know, whats wrong with tty* owned by
root. everything works for me...

regards, andreas

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: