Re: /dev/vcs* perms (was: Re: should fte provide /usr/bin/editor?)
On 19 Sep 1997, Miquel van Smoorenburg wrote:
> >Login does something different: it can optionally put someone who logs in
> >in certain groups. In /etc/login.defs I have the following line:
> >
> >CONSOLE_GROUPS floppy:audio:cdrom
>
> So, I can login on the console, copy a shell to /tmp, and do:
>
> chgrp audio /tmp/bash
> chmod 2775 /tmp/bash
>
> and then I can use /dev/audio (+cdrom+floppy) even when I'm not logged
> in on the console.
>
> Looks like a security hole to me.
Well, this all depends on your situation, and it isn't enabled by default
(at least not on my system). If your computer is always behind locked
doors, then only the few people who normally have access can do this
(which you should somewhat trust). If your system isn't behind locked
doors, then this is the least of your security concerns. It's a
convienence. I personally enjoy playing sound effects on other computers
in our sun lab (you should see the other users reaction when their
computer starts mooing :-)
Brandon
-----
Brandon Mitchell E-mail: bhmit1@mail.wm.edu
Homepage: http://www.geocities.com/SiliconValley/7877/home.html
PGP: finger -l bhmit1@cs.wm.edu
"We all know Linux is great...it does infinite loops in 5 seconds."
--Linus Torvalds
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: