Re: /dev/vcs* perms (was: Re: should fte provide /usr/bin/editor?)
In article <199709191235.OAA14470@hermes.wi.leidenuniv.nl>,
Wichert Akkerman <wakkerma@wi.leidenuniv.nl> wrote:
>
>> While we're at it, shouldn't login also chown /dev/audio, /dev/fd[01] and
>> the like for console-logins? Of course, xdm would have to do this as well.
>
>Login does something different: it can optionally put someone who logs in
>in certain groups. In /etc/login.defs I have the following line:
>
>CONSOLE_GROUPS floppy:audio:cdrom
>
>This puts everyone who logs in on the console in groups floppy, audio and
>cdrom. Now if only xdm could do the same for everyone who logs in on
>the local console...

So, I can log in on the console, copy a shell to /tmp, and do:

    chgrp audio /tmp/bash
    chmod 2775 /tmp/bash

and then I can use /dev/audio (+cdrom+floppy) even when I'm not logged
in on the console.

Looks like a security hole to me.

Mike.
--
| Miquel van Smoorenburg | |
| miquels@cistron.nl | Owners of digital watches, your days are numbered. |
| PGP fingerprint: FE 66 52 4F CD 59 A5 36 7F 39 8B 20 F1 D6 74 02 |
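
Added example, not part of the original message: a shell audit that reads CONSOLE_GROUPS from a login.defs file and lists setgid files belonging to any of those groups, which is the leftover the reply describes. The function names console_groups and scan_setgid are hypothetical, and the directories to scan are the caller's choice.

```shell
#!/bin/sh
# Added example: find setgid files whose group is one of the groups that
# login hands out through CONSOLE_GROUPS. A setgid copy of a shell left in
# a user-writable directory keeps that group usable after the console
# session has ended, so such files deserve review.

# console_groups FILE
# Print each group named on the CONSOLE_GROUPS line of FILE, one per line.
# Commented-out lines are skipped because their first field starts with '#'.
console_groups() {
    awk '$1 == "CONSOLE_GROUPS" {
             n = split($2, g, ":")
             for (i = 1; i <= n; i++) if (g[i] != "") print g[i]
         }' "$1"
}

# scan_setgid DEFS DIR...
# Print "group path" for every regular file under DIR that has the setgid
# bit set and belongs to a console group. Groups that do not exist on this
# system make find fail; that error is discarded and the group is skipped.
scan_setgid() {
    defs=$1
    shift
    for grp in $(console_groups "$defs"); do
        find "$@" -xdev -type f -perm -2000 -group "$grp" -print 2>/dev/null |
            sed "s|^|$grp |"
    done
}

# Stand-alone use: sh scan.sh /etc/login.defs /tmp /var/tmp /home
if [ "$#" -ge 2 ]; then
    scan_setgid "$@"
fi
```

Legitimate setgid programs installed for these groups show up as well; the entries to look at are those owned by ordinary users or sitting in user-writable directories.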