Source-Changes-D archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: CVS commit: src/etc

On Fri, Sep 07, 2012 at 09:45:09AM -0400, Christos Zoulas wrote:
> On Sep 7,  9:20pm, (Izumi Tsutsui) wrote:
> -- Subject: Re: CVS commit: src/etc
> | > Easier maybe, but we do not realy want those device nodes on typical /dev
> | > filesystems (at least that was my understanding).
> | 
> | - What's the actual benefits on removing those device nodes on /dev?
> |   Is it more important than possible fallouts in install materials?
> When ptyfs is mounted the pty nodes in ptyfs are used and not the entries
> in /dev. The entries in /dev have the same major and minor numbers and they
> are not chowned chmod'ed appropriately (they are world readable and writable).
> So anyone can spy on you (fortunately TIOCSTI is limited to the superuser
> so random people cannot write to your terminal). This is a security issue.
> The old pty allocation code required superuser access to chown/chmod the
> tty device nodes.

I thought (without checking) that they would be owned by root, group tty
with at most user read and user/group write until they are actually used.
Once used they get a chown (etc) and might not get reset again.


David Laight:

Home | Main Index | Thread Index | Old Index