shadow chown(tty) - problem

Richard Lightman richard at nezumi.plus.com
Sun Sep 1 05:32:57 PDT 2002


* Richard Lightman <richard at nezumi.plus.com> [2002-09-01 13:20]:
> * YuX <yux at cg.ukrtel.net> [2002-09-01 08:29]:
> > 
> > #ifdef __linux__
> >  /*
> >   * Please don't add code to chown /dev/vcs* to the user logging in -
> >   * it's a potential security hole.  I wouldn't like the previous user
> >   * to hold the file descriptor open and watch my screen.  We don't
> >   * have the *BSD revoke() system call yet, and vhangup() only works
> >   * for tty devices (which vcs* is not).  --marekm
> >   */
> > #endif
> > 
> 
> I could get conlogin (which is setuid) to kill this sort of thing.
> I will get back to you if it works.
> 
It works.
http://www.nezumi.plus.com/conlogin

Now can anyone see a problem with this:

Root logs in, set up some process which has a valid reason to access
a device, then logs out with the process still running. User logs in,
and his .bash_profile runs conlogin. Conlogin sees from its config file
(writable only by root), that some devices need to be owned by user.
One of these devices is being used by that process root set up.
conlogin kills it.

Richard
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-dev' in the subject header of the message



More information about the lfs-dev mailing list