
makedev: /dev/tty([0-9])* should not have 666 permissions



Package: makedev
Version: 2.3.1-58
Severity: important
Tags: security

Hi

Please check the permissions of /dev/tty([0-9])*, they seem to be a
free-for-all, which is no good.

Thanks to Stephen Gran for telling me who to bug.

The following patch would do, afaict:

--- /sbin/MAKEDEV.ORIG	Mon Apr 19 22:58:21 2004
+++ /sbin/MAKEDEV	Mon Apr 19 22:58:39 2004
@@ -14,7 +14,7 @@
 private="  root root   0600"
  system="  root root   0660"
    kmem="  root kmem   0640"
-    tty="  root tty    0666"
+    tty="  root tty    0600"
    cons="  root tty    0600"
     vcs="  root root   0600"
 dialout="  root dialout 0660"
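
Review bot: Changing the `tty=` line to `root tty 0600` alters the default for a whole class, and the hunk does not show which nodes are created with the `tty` class. If anything other than /dev/tty[0-9]* uses it (the controlling-terminal node /dev/tty, for one, has to stay world read/writable), that node needs its own class before this lands. The new value is also identical to the `cons=` line directly below it, so the virtual consoles could simply be switched to `cons`. Finally, this only affects nodes created by a later MAKEDEV run; nodes that already exist with 0666 keep that mode, so the upgrade-time check suggested in the quoted thread still needs a separate step.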

This is the discussion on debian-security that led to this bug report:


On Mon, Apr 19, 2004 at 04:15:41PM -0400, Stephen Gran wrote:
> This one time, at band camp, Matt Zimmerman said:
> > On Mon, Apr 19, 2004 at 09:31:27PM +0200, Jan Minar wrote:
> > > % ssh kh
> > > jan@kh's password:
> > > Linux kontryhel 2.4.26-jan #3 SMP Mon Apr 19 05:00:00 CEST 2004 i686 unknown
> > > % echo 'Morning, Mister root, welcome to a jail 8-)' > /dev/tty63
> > > % while :; do echo -e '\033[12;63]' > /dev/tty63; done
> > 
> > The relevant permissions are more restrictive with udev:
> > 
> > crw-------    1 root     root       4,  63 2004-03-17 16:23 /dev/tty63
> 
> And on a newly installed sid box:
> crw-------    1 root     tty        4,  63 2004-03-23 16:49 /dev/tty63
>
> No udev here.  Previous installs may have had bad permissions, but
> current ones do not.  Perhaps, Jan, if you're interested, file a bug
> against makedev or one of the other associated packages, asking them to
> check the permissions on these devices on upgrade, and correct if
> necessary.  Seems trivial enough to do.  A patch would probably not
> hurt.

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux kontryhel 2.4.26-jan #3 SMP Mon Apr 19 05:00:00 CEST 2004 i686
Locale: LANG=C, LC_CTYPE=cs_CZ.ISO-8859-2

Versions of packages makedev depends on:
ii  base-passwd                   3.4.1      Debian Base System Password/Group 
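
An added example, not part of the original report or of the makedev package: a shell check of the kind the quoted thread asks for on upgrade, which flags /dev/tty<N> nodes that group or others can access and resets them to the `root tty 0600` used in the patch. The function names `audit_vt_perms` and `fix_vt_perms` are hypothetical, and a `stat` that supports `-c` (GNU coreutils or BusyBox) is assumed.

```shell
#!/bin/sh
# Added example (not makedev code): audit and repair virtual-console nodes.
# audit_vt_perms and fix_vt_perms are hypothetical helper names.

# Print "<mode> <path>" for every DIR/tty<N> node whose mode has any
# group or other permission bit set. DIR defaults to /dev.
audit_vt_perms() {
    dir=${1:-/dev}
    for node in "$dir"/tty[0-9]*; do
        [ -e "$node" ] || continue            # glob matched nothing
        mode=$(stat -c '%a' "$node") || continue
        # The last two octal digits are the group and other permission sets.
        case $mode in
            *00|0) ;;                          # owner-only (or no access): fine
            *)     printf '%s %s\n' "$mode" "$node" ;;
        esac
    done
}

# Reset every flagged node to the owner, group and mode from the patch.
fix_vt_perms() {
    dir=${1:-/dev}
    audit_vt_perms "$dir" | while read -r _mode node; do
        # Ownership can only be changed by root; the mode is fixed either way.
        if [ "$(id -u)" -eq 0 ]; then
            chown root:tty "$node" || printf 'chown failed: %s\n' "$node" >&2
        fi
        chmod 0600 "$node"
    done
}
```

Called without an argument, both functions operate on /dev; the glob `tty[0-9]*` leaves /dev/tty and serial nodes such as ttyS0 untouched.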
