Re: Bug#556522: hurd - using the login shell is insecure

To: debian-hurd@lists.debian.org
Subject: Re: Bug#556522: hurd - using the login shell is insecure
From: Samuel Thibault <sthibault@debian.org>
Date: Wed, 18 Nov 2009 01:20:33 +0100
Message-id: <[🔎] 20091118002033.GD4889@const.famille.thibault.fr>
Mail-followup-to: debian-hurd@lists.debian.org
In-reply-to: <[🔎] 20091117002259.GJ19153@alien.local>
References: <[🔎] 20091116142745.GA5364@wavehammer.waldi.eu.org> <[🔎] 20091117002259.GJ19153@alien.local>

olafBuddenhagen@gmx.net, le Tue 17 Nov 2009 01:23:02 +0100, a écrit :
> On Mon, Nov 16, 2009 at 03:27:45PM +0100, Bastian Blank wrote:
> > Hurd uses a login shell by default on the ttys. This is a security
> > problem as it allows access with other permissions to all ressources.
> 
> This is not exactly true: actually the access of the login shell is
> controlled by the "unknown" permissions -- a special fourth set of file
> permission bits.

Which still permits to fill /tmp with files, that's not something Debian
probably likes to allow by default.

Samuel

Reply to:

Follow-Ups:
- Re: Bug#556522: hurd - using the login shell is insecure
  - From: <olafBuddenhagen@gmx.net>

References:
- Bug#556522: hurd - using the login shell is insecure
  - From: Bastian Blank <waldi@debian.org>
- Bug#556522: hurd - using the login shell is insecure
  - From: <olafBuddenhagen@gmx.net>

Prev by Date: Re: xorg-server_1.6.3.901-1+hurd.1_hurd-i386.changes ACCEPTED
Next by Date: Re: [debian-hurd-Patches][305130] native backend for hal
Previous by thread: Bug#556522: hurd - using the login shell is insecure
Next by thread: Re: Bug#556522: hurd - using the login shell is insecure
Index(es):
- Date
- Thread