[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src/etc
On Fri, Sep 07, 2012 at 09:45:09AM -0400, Christos Zoulas wrote:
> On Sep 7, 9:20pm, tsutsui%ceres.dti.ne.jp@localhost (Izumi Tsutsui) wrote:
> -- Subject: Re: CVS commit: src/etc
> | > Easier maybe, but we do not realy want those device nodes on typical /dev
> | > filesystems (at least that was my understanding).
> | - What's the actual benefits on removing those device nodes on /dev?
> | Is it more important than possible fallouts in install materials?
> When ptyfs is mounted the pty nodes in ptyfs are used and not the entries
> in /dev. The entries in /dev have the same major and minor numbers and they
> are not chowned chmod'ed appropriately (they are world readable and writable).
> So anyone can spy on you (fortunately TIOCSTI is limited to the superuser
> so random people cannot write to your terminal). This is a security issue.
> The old pty allocation code required superuser access to chown/chmod the
> tty device nodes.
I thought (without checking) that they would be owned by root, group tty
with at most user read and user/group write until they are actually used.
Once used they get a chown (etc) and might not get reset again.
David Laight: david%l8s.co.uk@localhost
Main Index |
Thread Index |