[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: how does O_NOCTTY help? [Re: bug in chdir-safer

From: Paul Eggert
Subject: Re: how does O_NOCTTY help? [Re: bug in chdir-safer
Date: Tue, 14 Feb 2006 09:50:43 -0800
User-agent: Gnus/5.1007 (Gnus v5.10.7) Emacs/21.4 (gnu/linux)

Jim Meyering <address@hidden> writes:

> It sounds like you're explaining why it was important to use O_NOCTTY
> on ancient systems.  Do you really think it is important now?

I don't think it's _important_, no; it's a minor issue.  The scenarios
that I'm thinking of are fairly unlikely and don't provide that much
benefit to the attacker.  For example, suppose someone has physical
access to a serial port that is otherwise unused, and plants a
symlink-to-it in /tmp where an unwary long-running root process can
pick it up.  That sort of thing.  I suppose on some hosts it could be
done even without hardware access, by using pseudottys.  (Not that I'm
inclined to try this!)

> Otherwise, this (omitting O_NOCTTY) would constitute a significant
> security risk and it would have been well documented.

I tend to agree about "significant security risk".  Internal vandals
are not that big a deal these days, on most hosts.  However, I suspect
that the vandalism is possible, at least on System Vish hosts.  (It's
not possible on GNU/Linux thank goodness.)

reply via email to

[Prev in Thread] Current Thread [Next in Thread]