RE: problem using screen after running /bin/su

screen-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: problem using screen after running /bin/su

From:	David Balazic
Subject:	RE: problem using screen after running /bin/su
Date:	Mon, 30 Aug 2004 09:27:06 +0200

>From your explanation I don't see why all other programs work ( can read and
write the tty ),
while screen can't.


> ----------
> From:
> address@hidden:screen-users-bou
> address@hidden on behalf of Juergen
> Weigert[SMTP:address@hidden
> Reply To:     address@hidden
> Sent:         27. avgust 2004 18:45
> To:   Felix E. Klee
> Cc:   address@hidden
> Subject:      Re: problem using screen after running /bin/su
> 
> On Aug 27, 04 17:50:33 +0200, Felix E. Klee wrote:
> > On Fri, 27 Aug 2004 08:39:48 -0700 (PDT) Edward Quillen wrote:
> > > Cannot open your terminal '/dev/pts/4' - please check.
> > 
> > I have the same problem under Linux. I found out that the device is
> > owned by the user who started the terminal (emulator). Ordinary users
> > cannot read/write from/to that device. 
> 
> And this is very good, the way it is. Otherwise, your 'ordinary user'
> could
> try to read from the device while you were typing your password.
> 
> > The device seems to be central
> > for IO; for example issuing
> > 
> >     echo "hello" > /dev/pts/4
> 
> Writing to a foreign tty is only a mild annouyance. 
> But reading is a security risk.
> 
> > should output "hello" in the terminal. It's a while ago that I searched
> > the web. All I could find were people saying that the above problem is a
> > bug in screen.
> 
> What looks like a bug is actually a hand-crafted security feature.
> Annoying sometimes, but protecting the innocent.
> 
> > 
> > A workaround may involve setting the needed permissions before su'ing.
> 
> Correct. Best is to chown the device. A group or world readable tty is an
> invitation to hackers. Or simply have your 'su' shell within the screen
> session, if that is possible.
> 
>         cheers,
>                 Jw.
> 
> -- 
>  o \  Juergen Weigert      unix-software __/ _=======.=======_     
> <V> | address@hidden         creator    __/        _---|____________\/    
>  \  |            0179/2069677      __/          (____/            /\
> (/) | ____________________________/              _/ \_ vim:set sw=2 wm=8
> 
> 
> _______________________________________________
> screen-users mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/screen-users
>

[Prev in Thread]

Current Thread

[Next in Thread]

problem using screen after running /bin/su, Edward Quillen, 2004/08/27
- Re: problem using screen after running /bin/su, Felix E. Klee, 2004/08/27
  - Re: problem using screen after running /bin/su, Joe Zbiciak, 2004/08/27
  - Re: problem using screen after running /bin/su, Juergen Weigert, 2004/08/27
- RE: problem using screen after running /bin/su, David Balazic <=
  - RE: problem using screen after running /bin/su, Joe Zbiciak, 2004/08/30
  - Re: problem using screen after running /bin/su, Michael Schroeder, 2004/08/31
    - Re: problem using screen after running /bin/su, Joe Zbiciak, 2004/08/31

Prev by Date: Re: problem using screen after running /bin/su
Next by Date: RE: problem using screen after running /bin/su
Previous by thread: Re: problem using screen after running /bin/su
Next by thread: RE: problem using screen after running /bin/su
Index(es):
- Date
- Thread