[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: /dev/tty[0-9]* should be chmod 0620, not 0660 -- or not? [Was: Bug#244751 acknowledged by developer (Bug#244751: fixed in makedev 2.3.1-67)]



Hi,  I am wandering how others felt on this 244751 fix.  I felt this will
cause hassles for all local admin but does not really provide any gains
in the aimed objective.

On Sat, Apr 24, 2004 at 04:48:30PM +0200, Jan Minar wrote:
> On Fri, Apr 23, 2004 at 04:03:06PM -0700, Debian Bug Tracking System wrote:
> >    * change default permission on tty devices from 0666 to 0660, which makes
> >      denial of service attacks on the console by local users harder,
> >      closes: #244751
> 
> 0660 probably is too much; 0620 would be probably more appropriate.
> Would any of your devel people have problems with /dev/tty[0-9]* being
> not group readable?

I do not quite understand above but this new change of /sbin/MAKEDEV
certainly caused me to change my entire system.  Now I have to list all
real uses as group "tty" to be able to use gpg, mutt/url_view etc.  So
many packages are affected.  /dev/tty?? is one thing but putting
restrictive permission to /dev/tty has caused hassle for me.

> Now the only programs I have here which are sgid tty are these 2:
> 
> -rwxr-sr-x    1 root     tty          9736 Dec 24  2002 /usr/bin/wall
> -rwxr-sr-x    1 root     tty          7540 Jul  4  2002 /usr/bin/write

In my system:
-rwxr-sr-x    1 root     tty          7960 Apr 11 01:27 bsd-write
-rwxr-sr-x    1 root     tty          9816 Dec  7 04:35 wall

> ..And I know of one other one: talkd. These wouldn't use read
> permissions, afaik.

I wonder if we all want to put sgid tty for all tty accessing program
such as gpg. (Alternatively adding everyone to tty group)

Also, I wonder how much we gained from this fix.  As long as we have
sgid tty program such as wall, we can write to terminal doing some damage :)

I am talking issues solved by this fix:
 With this bug present, any process in the system, that is, any user
 logged in or for example able to write to a random file, can 'control'
 an unused virtual terminal, because  /dev/tty[0-9]* is world writable
 for high, unused tty's.

With such sgid programs, anyone have decent access to these terminals.

Am I confused about situation?

If we want to limit the console access to /dev/tty, it looks to me that
we may need a bit careful arrangement.

Osamu



Reply to: