Bug#556522: hurd - using the login shell is insecure
Hi,
On Mon, Nov 16, 2009 at 03:27:45PM +0100, Bastian Blank wrote:
> Hurd uses a login shell by default on the ttys. This is a security
> problem as it allows access with other permissions to all ressources.
This is not exactly true: actually the access of the login shell is
controlled by the "unknown" permissions -- a special fourth set of file
permission bits.
It's probably true though that this is identical to the "other"
permissions on a default Debian install...
-antrik-
Reply to: