reassigning as discussed some time ago
reassign 25847 makedev
retitle 25847 makedev: /dev/tty[0-9]* shouldn't be world-writeable
thanks
OK, let's get this old bug away from general. Ethan Benson wrote some
time back:
> On Mon, Jul 09, 2001 at 06:49:54PM +0100, Colin Watson wrote:
> > They're root:root mode 0600 on my system, but I'm running mingettys.
> > Anybody?
>
> getty in woody and potato changes the permissions to 622. mingetty
> correctly changes them to 0600.
Since util-linux 2.11e, getty has set the permissions to 0600.
> > Patrik Rak wrote:
> > > Is it ok that anybody can write anything to any
> > > other tty (/dev/tty7-63) (fake log messages on /dev/tty8 come in mind) ?
> >
> > If you use a tty for logging, you should probably restrict its
> > permissions ... your changes should be preserved.
>
> this is a more serious bug then that, it was fixed but is now unfixed
> (i just rm -fed all my tty[0-9]* devices and reran MADEDEV console,
> all ttys were created 0666). bug#77168
>
> makedev (2.3.1-48) unstable; urgency=3Dlow
>
> * tighten up permissions on /dev/tty[0-XX] and /dev/kbd, closes: #77168
>
> -- Bdale Garbee <bdale@gag.com> Sat, 25 Nov 2000 09:45:42 -0700
>
> > If #2 is really done, and if #6 is the same for gettys as for mingettys,
> > then all of the other concerns seem to have been addressed by now. Can
> > we close this bug? Otherwise we should reassign it to whichever
> > package(s) still have problems.
>
> getty should be fixed, and makedev should refix bug#77168
I believe tty writeability is the only part of this bug that's still
open, so I'm reassigning it to makedev. I'm assuming that restricting
the permissions of inactive ttys won't break anything, but I haven't
checked.
--
Colin Watson [cjwatson@flatline.org.uk]
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: