Re: Security implications of tty group?

To: debian-security@lists.debian.org
Subject: Re: Security implications of tty group?
From: be-news06@lina.inka.de (Bernd Eckenfels)
Date: Wed, 25 Jan 2006 14:07:06 +0100
Message-id: <[🔎] E1F1kMc-0001ck-00@calista.inka.de>
In-reply-to: <[🔎] 43D759C5.5010804@yahoo.co.uk>

Thomas Hood <jdthood@yahoo.co.uk> wrote:
> What are the security implications of a tty device node failing to belong
> to group "tty"?

It depends on who has access to that group, what are the permissions of the
tty and what is intended.

Generally you want to restrict write access to a tty to a trusted person,
because otherwise she can use escape sequences to cause all kind of
provblems (reprogramming keyboard, playing ascii movies, reading screen).
write(1) can filter messages, and it enforces the clean-ness. Therefore it
uses sguid tty. So if a user says "mesg yes" she wants actually allow write
access and not raw access. Thats why a warning is a good thing.

Gruss
Bernd

Reply to:

References:
- Security implications of tty group?
  - From: Thomas Hood <jdthood@yahoo.co.uk>

Prev by Date: Re: Security implications of tty group?
Next by Date: Re: [SECURITY] [DSA 955-1] New mailman packages fix denial of service
Previous by thread: Re: Security implications of tty group?
Next by thread: Re: [SECURITY] [DSA 955-1] New mailman packages fix denial of service
Index(es):
- Date
- Thread