[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#556522: hurd - using the login shell is insecure


On Mon, Nov 16, 2009 at 03:27:45PM +0100, Bastian Blank wrote:

> Hurd uses a login shell by default on the ttys. This is a security
> problem as it allows access with other permissions to all ressources.

This is not exactly true: actually the access of the login shell is
controlled by the "unknown" permissions -- a special fourth set of file
permission bits.

It's probably true though that this is identical to the "other"
permissions on a default Debian install...


Reply to: