[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: problem using screen after running /bin/su

From: Juergen Weigert
Subject: Re: problem using screen after running /bin/su
Date: Fri, 27 Aug 2004 18:45:41 +0200
User-agent: Mutt/

On Aug 27, 04 17:50:33 +0200, Felix E. Klee wrote:
> On Fri, 27 Aug 2004 08:39:48 -0700 (PDT) Edward Quillen wrote:
> > Cannot open your terminal '/dev/pts/4' - please check.
> I have the same problem under Linux. I found out that the device is
> owned by the user who started the terminal (emulator). Ordinary users
> cannot read/write from/to that device. 

And this is very good, the way it is. Otherwise, your 'ordinary user' could
try to read from the device while you were typing your password.

> The device seems to be central
> for IO; for example issuing
>     echo "hello" > /dev/pts/4

Writing to a foreign tty is only a mild annouyance. 
But reading is a security risk.

> should output "hello" in the terminal. It's a while ago that I searched
> the web. All I could find were people saying that the above problem is a
> bug in screen.

What looks like a bug is actually a hand-crafted security feature.
Annoying sometimes, but protecting the innocent.

> A workaround may involve setting the needed permissions before su'ing.

Correct. Best is to chown the device. A group or world readable tty is an
invitation to hackers. Or simply have your 'su' shell within the screen
session, if that is possible.


 o \  Juergen Weigert      unix-software __/ _=======.=======_     
<V> | address@hidden         creator    __/        _---|____________\/    
 \  |            0179/2069677      __/          (____/            /\
(/) | ____________________________/              _/ \_ vim:set sw=2 wm=8

reply via email to

[Prev in Thread] Current Thread [Next in Thread]