Bug#556522: hurd - using the login shell is insecure

To: Bastian Blank <waldi@debian.org>, 556522@bugs.debian.org
Subject: Bug#556522: hurd - using the login shell is insecure
From: <olafBuddenhagen@gmx.net>
Date: Tue, 17 Nov 2009 01:23:02 +0100
Message-id: <[🔎] 20091117002259.GJ19153@alien.local>
Reply-to: <olafBuddenhagen@gmx.net>, 556522@bugs.debian.org
In-reply-to: <[🔎] 20091116142745.GA5364@wavehammer.waldi.eu.org>
References: <[🔎] 20091116142745.GA5364@wavehammer.waldi.eu.org>

Hi,

On Mon, Nov 16, 2009 at 03:27:45PM +0100, Bastian Blank wrote:

> Hurd uses a login shell by default on the ttys. This is a security
> problem as it allows access with other permissions to all ressources.

This is not exactly true: actually the access of the login shell is
controlled by the "unknown" permissions -- a special fourth set of file
permission bits.

It's probably true though that this is identical to the "other"
permissions on a default Debian install...

-antrik-

Reply to:

Follow-Ups:
- Re: Bug#556522: hurd - using the login shell is insecure
  - From: Samuel Thibault <sthibault@debian.org>

References:
- Bug#556522: hurd - using the login shell is insecure
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Re: xorg-server_1.6.3.901-1+hurd.1_hurd-i386.changes ACCEPTED
Next by Date: Re: xorg-server_1.6.3.901-1+hurd.1_hurd-i386.changes ACCEPTED
Previous by thread: Bug#556522: hurd - using the login shell is insecure
Next by thread: Re: Bug#556522: hurd - using the login shell is insecure
Index(es):
- Date
- Thread