[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: devfsd permissions and makedev permissions coordination

On Sep 10, Tom Lees <tal26@cam.ac.uk> wrote:

 >Terminal devices [1]				root.tty 0666
This is obviously wrong, ttys must have 620 permissions (or 600 if you
don't want people talk(1)ing to you, but I think the default should be
to allow it).
It's a huge security hole because with a ioctl you can inject commands
into shells not owned by you.


To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: