Subject: Re: Xauthority
To: Tom Pavel <PAVEL@SLAC.Stanford.EDU>
From: Wayne Berke <berke@panix.com>
List: netbsd-help
Date: 02/12/1996 17:37:43
Hmmm, I use xinit/login and don't really want to go to xdm.
The simple hack would seem to be a setuid program that chowned /dev/console
to the same owner as /dev/ttyv0 (or whatever the equivalent for pccons).
I have a sneaking suspicion that there's some security hole in this though.
Maybe Perry will yell at me for it. :-)
In message <199602121948.LAA27683@sunreine.SLAC.Stanford.EDU>, Tom Pavel writes
:
>
> >>>>> On Mon, 12 Feb 1996, Wayne Berke <berke@panix.com> writes:
>
> > I haven't been able to get the -C flag to work even _with_ the setuid bit
> > set. Has anyone?
>
> Yes. Actually, it was sort of accidental, but I just set up my system to
> start xdm at boot time. When I added the GiveConsole script (which does a
> chown on /dev/console), my "xterm -C" suddenly started catching the console
> messages.
>
> I've been confused for a while by this console thing on the i386 port with
> multiple vty's. On SunOS, for example, when I log into the machine, I log
> into /dev/console and the login program automatically gives me ownership of
> /dev/console. On NetBSD/i386 one doesn't log into /dev/console but
> /dev/vty0. Somehow console messages end up on vty #0, but the two devices
> are not the same.
> So, who should be able to write to /dev/console? Are there any security
> implications? Anyone have a clear picture of how this should work?
>
>
> Tom Pavel
>
> Stanford Linear Accelerator Center
> pavel@slac.stanford.edu http://www.slac.stanford.edu/~pavel/
>