[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/ttyS? dialin/dialout and modes.

According to Andreas Jellinghaus:
> > Now I see that the bootfloppies have the /dev/ttySx devices owned by
> > root instead of uucp. I think this is a bug, but I don't know how
> > to file a bug report against the disks-i386 directory..
> i don't know why they should be owned by uucp ...

Because uucp needs to access the dialout devices without being in
group dialout.

> > Note that UUCP still is an important subsystem, and that currently some
> > parts of it (uucico) are setgid dialout, and so other programs have to
> > be setuid uucp to call uucico etc. 
> ??? uucico is sgid dialout, so it can access /dev/tty*. no need to
> change owner to uucp...

But that's the point. uucico -shouldn't- be setgid because it wasn't
designed to be setgid. It should also be in group uucp, so that
other programs can call it that are setgid uucp.

> and uucico is also suid uucp, so any program can call it (it doesn't
> need to be also sgid uucp).

No, but other setgid uucp programs should be able to call uucico.

[other convincing reasons not to use uucp:dialout deleted]

> > I've been using /dev/ttyS* exclusively for some time and
> > it seems to work fine (using mgetty for dialin and /etc/mgetty/login.config
> > setup to set the device owner/modes to uucp:dialout 0660. That should
> > be a compiled-in default).
> same for me. but i still don't know, whats wrong with tty* owned by
> root. everything works for me...

I'll have to dig into the code of uucico to see how safe it is,
and contemplate on this some more before I can eleborate.

In the mean time, I've filed bug reports against all getty packages
to set the modes to uucp:dialout/0660. While that isn't perfect
if you are right and root:dialout would be better, it is the first
step in the right direction.

|    Miquel van      |  "I need more space" "Well, why not move to Texas" |
| miquels@cistron.nl |  "No, on my account, stupid." "Stupid? Uh-oh.."    |
|   PGP fingerprint: FE 66 52 4F CD 59 A5 36  7F 39 8B 20 F1 D6 74 02     |

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: