Re: /dev/tty[0-9]* should be chmod 0620, not 0660 -- or not? [Was: Bug#244751 acknowledged by developer (Bug#244751: fixed in makedev 2.3.1-67)]

To: Jan Minar <jjminar@fastmail.fm>, 244751@bugs.debian.org, debian-devel@lists.debian.org
Subject: Re: /dev/tty[0-9]* should be chmod 0620, not 0660 -- or not? [Was: Bug#244751 acknowledged by developer (Bug#244751: fixed in makedev 2.3.1-67)]
From: Osamu Aoki <osamu@debian.org>
Date: Tue, 27 Apr 2004 00:07:59 +0200
Message-id: <[🔎] 20040426220759.GB19242@aokiconsulting.com>
Mail-followup-to: Jan Minar <jjminar@fastmail.fm>, 244751@bugs.debian.org, debian-devel@lists.debian.org
In-reply-to: <[🔎] 20040424144830.GA11867@kontryhel.haltyr.dyndns.org>
References: <E1BH9Rn-0007mP-00@newraff.debian.org> <20040419210713.GA15031@kontryhel.haltyr.dyndns.org> <handler.244751.D244751.108276078725736.notifdone@bugs.debian.org> <[🔎] 20040424144830.GA11867@kontryhel.haltyr.dyndns.org>

Hi,  I am wandering how others felt on this 244751 fix.  I felt this will
cause hassles for all local admin but does not really provide any gains
in the aimed objective.

On Sat, Apr 24, 2004 at 04:48:30PM +0200, Jan Minar wrote:
> On Fri, Apr 23, 2004 at 04:03:06PM -0700, Debian Bug Tracking System wrote:
> >    * change default permission on tty devices from 0666 to 0660, which makes
> >      denial of service attacks on the console by local users harder,
> >      closes: #244751
> 
> 0660 probably is too much; 0620 would be probably more appropriate.
> Would any of your devel people have problems with /dev/tty[0-9]* being
> not group readable?

I do not quite understand above but this new change of /sbin/MAKEDEV
certainly caused me to change my entire system.  Now I have to list all
real uses as group "tty" to be able to use gpg, mutt/url_view etc.  So
many packages are affected.  /dev/tty?? is one thing but putting
restrictive permission to /dev/tty has caused hassle for me.

> Now the only programs I have here which are sgid tty are these 2:
> 
> -rwxr-sr-x    1 root     tty          9736 Dec 24  2002 /usr/bin/wall
> -rwxr-sr-x    1 root     tty          7540 Jul  4  2002 /usr/bin/write

In my system:
-rwxr-sr-x    1 root     tty          7960 Apr 11 01:27 bsd-write
-rwxr-sr-x    1 root     tty          9816 Dec  7 04:35 wall

> ..And I know of one other one: talkd. These wouldn't use read
> permissions, afaik.

I wonder if we all want to put sgid tty for all tty accessing program
such as gpg. (Alternatively adding everyone to tty group)

Also, I wonder how much we gained from this fix.  As long as we have
sgid tty program such as wall, we can write to terminal doing some damage :)

I am talking issues solved by this fix:
 With this bug present, any process in the system, that is, any user
 logged in or for example able to write to a random file, can 'control'
 an unused virtual terminal, because  /dev/tty[0-9]* is world writable
 for high, unused tty's.

With such sgid programs, anyone have decent access to these terminals.

Am I confused about situation?

If we want to limit the console access to /dev/tty, it looks to me that
we may need a bit careful arrangement.

Osamu

Reply to:

Follow-Ups:
- Re: /dev/tty[0-9]* should be chmod 0620, not 0660 -- or not?
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: /dev/tty[0-9]* should be chmod 0620, not 0660 -- or not? [Was: Bug#244751 acknowledged by developer (Bug#244751: fixed in makedev 2.3.1-67)]
  - From: Osamu Aoki <osamu@debian.org>

References:
- /dev/tty[0-9]* should be chmod 0620, not 0660 -- or not? [Was: Bug#244751 acknowledged by developer (Bug#244751: fixed in makedev 2.3.1-67)]
  - From: Jan Minar <jjminar@fastmail.fm>

Prev by Date: Re: Social Contract GR's Affect on sarge
Next by Date: Re: Social Contract GR's Affect on sarge
Previous by thread: /dev/tty[0-9]* should be chmod 0620, not 0660 -- or not? [Was: Bug#244751 acknowledged by developer (Bug#244751: fixed in makedev 2.3.1-67)]
Next by thread: Re: /dev/tty[0-9]* should be chmod 0620, not 0660 -- or not?
Index(es):
- Date
- Thread