[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: problem using screen after running /bin/su
From: |
Juergen Weigert |
Subject: |
Re: problem using screen after running /bin/su |
Date: |
Fri, 27 Aug 2004 18:45:41 +0200 |
User-agent: |
Mutt/1.4.2.1i |
On Aug 27, 04 17:50:33 +0200, Felix E. Klee wrote:
> On Fri, 27 Aug 2004 08:39:48 -0700 (PDT) Edward Quillen wrote:
> > Cannot open your terminal '/dev/pts/4' - please check.
>
> I have the same problem under Linux. I found out that the device is
> owned by the user who started the terminal (emulator). Ordinary users
> cannot read/write from/to that device.
And this is very good, the way it is. Otherwise, your 'ordinary user' could
try to read from the device while you were typing your password.
> The device seems to be central
> for IO; for example issuing
>
> echo "hello" > /dev/pts/4
Writing to a foreign tty is only a mild annouyance.
But reading is a security risk.
> should output "hello" in the terminal. It's a while ago that I searched
> the web. All I could find were people saying that the above problem is a
> bug in screen.
What looks like a bug is actually a hand-crafted security feature.
Annoying sometimes, but protecting the innocent.
>
> A workaround may involve setting the needed permissions before su'ing.
Correct. Best is to chown the device. A group or world readable tty is an
invitation to hackers. Or simply have your 'su' shell within the screen
session, if that is possible.
cheers,
Jw.
--
o \ Juergen Weigert unix-software __/ _=======.=======_
<V> | address@hidden creator __/ _---|____________\/
\ | 0179/2069677 __/ (____/ /\
(/) | ____________________________/ _/ \_ vim:set sw=2 wm=8