[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/vcs* perms (was: Re: should fte provide /usr/bin/editor?)

In article <[🔎] 199709191235.OAA14470@hermes.wi.leidenuniv.nl>,
Wichert Akkerman <wakkerma@wi.leidenuniv.nl> wrote:
>
>> While we're at it, shouldn't login also chown /dev/audio, /dev/fd[01] and
>> the like for console-logins? Of course, xdm would have to do this as well.
>
>Login does something different: it can optionally put someone who logs in
>in certain groups. In /etc/login.defs I have the following line:
>
>CONSOLE_GROUPS          floppy:audio:cdrom
>
>This puts everyone who logs in on the console in groups floppy, audio and
>cdrom. Now if only xdm could do the same for everyone who logs in on
>the local console...

So, I can login on the console, copy a shell to /tmp, and do:

chgrp audio /tmp/bash
chmod 2775 /tmp/bash

and then I can use /dev/audio (+cdrom+floppy) even when I'm not logged
in on the console.

Looks like a security hole to me.

Mike.
-- 
| Miquel van Smoorenburg |                                                    |
| miquels@cistron.nl     | Owners of digital watches, your days are numbered. |
|     PGP fingerprint: FE 66 52 4F CD 59 A5 36  7F 39 8B 20 F1 D6 74 02       |


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .
Reply to: