Re: The Hamm Bugs Stamp-Out List for 1998-06-08

To: Richard Braakman <dark@xs4all.nl>, debian-devel@lists.debian.org
Subject: Re: The Hamm Bugs Stamp-Out List for 1998-06-08
From: Joel Klecker <jk@espy.org>
Date: Mon, 8 Jun 1998 19:05:31 -0700
Message-id: <v0401171eb1a24729b43f@[206.163.71.146]>
In-reply-to: <E0yjDDm-00013C-00@night>

At 18:29 -0700 1998-06-08, Richard Braakman wrote:
>Package: login
>Maintainer: Guy Maor <maor@debian.org>
>  22191  login: does not chown /dev/vcs* anymore

As I quoted in a reply to 22191:

Here's what the author says in libmisc/chowntty.c:

#ifdef __linux__
        /*
         * Please don't add code to chown /dev/vcs* to the user logging in -
         * it's a potential security hole.  I wouldn't like the previous user
         * to hold the file descriptor open and watch my screen.  We don't
         * have the *BSD revoke() system call yet, and vhangup() only works
         * for tty devices (which vcs* is not).  --marekm
         */
#endif
}
--
Joel "Espy" Klecker
Debian GNU/Linux Developer
<mailto:jk@espy.org>
<http://web.espy.org/>


--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: The Hamm Bugs Stamp-Out List for 1998-06-08
  - From: Remco Blaakmeer <remco@blaakmeer.student.utwente.nl>

Prev by Date: Re: Corel Network Computer Port
Next by Date: Re: Uploaded mpsql 2.0-1 (source i386) to erlangen
Previous by thread: Re: burning debian 2.0 cdroms
Next by thread: Re: The Hamm Bugs Stamp-Out List for 1998-06-08
Index(es):
- Date
- Thread