Re: tty chowning
Brian Blackmore (email@example.com)
Sun, 28 Sep 1997 12:03:26 +0100
Theodore Y. Ts'o wrote:
> From: David Holland <firstname.lastname@example.org>
> Date: Fri, 26 Sep 1997 07:26:09 -0400 (EDT)
> Why not build chowning into this process? On TIOCSCTTY, the tty
> chown itself to the effective uid of the current process and chmod
> itself to 620. Then, on close, the tty would chown itself back to
> root and chmod itself to 666.
> It's a not a bad idea, but it's not clear it meets your goal of not
> requiring any changes of any binaries. The problem is that in many
> cases, the TIOCSCTTY happens before the effective uid is set. For
> example, in the getty/login case, the controlling tty is established
> even before we know who is going to be logging in.
The main problem with tty's is with user processes can grab a tty but
then up with no way of ensuring that only they can use it. This is no
problem for root processes since they can simply chown the tty, but
normal user processes can not. Changing the owner on a TIOCSCTTY seems a
reasonable way of allowing this (as would allowing a user process to
chown the tty to itself if the tty was its controlling terminal).
However I'm not sure about the benifits of playing about with the
permissions of the tty since I believe this could cause problems with
serial ports. I want to limit who can talk to my modem, thus when my PPP
session finishes I *don't* want the port reverting to mode 666, since
then anyone could dial out to anywhere!!!