Re: SE Linux play machine

To: Mark Eichin <eichin@thok.org>
Cc: debian-devel@lists.debian.org
Subject: Re: SE Linux play machine
From: Russell Coker <russell@coker.com.au>
Date: Thu, 20 Jun 2002 06:22:12 +0200
Message-id: <[🔎] 20020620042212.BDE7B388E@lyta.coker.com.au>
Reply-to: Russell Coker <russell@coker.com.au>
In-reply-to: <[🔎] xe1660feyqh.fsf@swat.thok.org>
References: <[🔎] 20020618101836.8E5BB18D9@lyta.coker.com.au> <[🔎] 20020619210939.4E299196F@lyta.coker.com.au> <[🔎] xe1660feyqh.fsf@swat.thok.org>

On Wed, 19 Jun 2002 23:37, Mark Eichin wrote:
> > It has permissions to write to ttys,
>
> Hmm, so if you've got a privileged login on some tty, is it vulnerable
> to TIOCSTI?

No, a priv login changes the SE security context of the tty device for the 
session, and it can't be written to or read from by unpriv processes.

Try it.  ;)

-- 
I do not get viruses because I do not use MS software.
If you use Outlook then please do not put my email address in your
address-book so that WHEN you get a virus it won't use my address in the
>From field.


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- SE Linux play machine
  - From: Russell Coker <russell@coker.com.au>
- Re: SE Linux play machine
  - From: Russell Coker <russell@coker.com.au>
- Re: SE Linux play machine
  - From: Mark Eichin <eichin@thok.org>

Prev by Date: Re: PGI installer ISO image (BETA) for woody now available
Next by Date: Re: SE Linux play machine
Previous by thread: Re: SE Linux play machine
Next by thread: Re: SE Linux play machine
Index(es):
- Date
- Thread