[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

Re: tty locks up

Subject: Re: tty locks up
From: Glynn Clements <glynn@xxxxxxxxxxxx>
Date: Mon, 5 Jul 1999 20:51:30 +0200 (GMT--1:00)

Sharad Joshi wrote:

> Let user A use ttyp0
> Let user B use ttyq1
> 
> Now B can do this from his terminal:  cat < /dev/ttyp0 > /dev/null&

He should get `permission denied'. It sounds as if you are using a
second-rate terminal emulator or similar. Any program which opens a
pty should set the ownership and permissions accordingly. NB: this
requires the program to be either setuid root (e.g. xterm) or run as
root (e.g. in.telnetd).

> And thus, A will be locked for ever. Moreover, he can not just find out
> what is happening. Nor can he log out. Also, the ps listing shows just
> "cat" for the user B and thus no one can know what is happening to the
> terminal ttyp0. User A is on the mercy of B.
> 
> Isn't this serious?

Potentially.

> Is there any way to find out who is reading a terminal.

	fuser /dev/ttyp0

> And how to overcome the above problem.

Don't use badly-written or misconfigured software in
security-sensitive situations.

- -- 
Glynn Clements <glynn@xxxxxxxxxxxx>

- --------------------------------------------------------------------
For more information on Linux in India visit http://www.linux-india.org/

------------------------------

Prev by Subject: Re: tty locks up
Next by Subject: Re: two ethernet cards...........
Previous by thread: Re: tty locks up
Next by thread: Re: Oracle for Linux
Index(es):
- Subject
- Thread