Subject: Re: default /dev/tty* mode and ownership
To: None <>
From: Greywolf <>
List: tech-userlevel
Date: 07/29/2001 12:02:13
On Sun, 29 Jul 2001 wrote:

# Date: Sun, 29 Jul 2001 17:01:03 +0900
# From:
# To: Emmanuel Dreyfus <>
# Cc:
# Subject: Re: default /dev/tty* mode and ownership
# >> >Currently, /dev/tty* are created mode 600 root/wheel. Is there any
# >> >problem creating them mode 620 root/tty? Do we ever chgrp them to
# >> >something else than group tty? And is there any implication of allowing
# >> >group tty to write on a non allocated tty?
# >>       I don't think this reasonable.  this shouldn't be done.
# >
# >What are the drawbacks?
# 	I don't want wheel group users (with normal user privilege)
# 	to write to random ptys.  yes, wheel users may be able to become
# 	root, but there are certain protection mechamisms (sudo, su) that
# 	prevents wheel users from doing random bad things.  your change
# 	(600 -> 620) will let people bypass these mechanisms.  now a hijack
# 	of wheel users' normal account is equivalent to the hijack of root
# 	account (in terms of pty write privs).  this is a security drawback.

He said "group tty", not "group wheel".  Near as I can tell, users don't
live in group tty.  Where's the lose?

# itojun

NetBSD: it's not free beer, but it's free.