On Mon, Apr 18, 2011 at 03:49:14PM -0400, [email protected]
wrote:
> Package: ngetty
> Version: 0.4-1
> Severity: important
>
> /etc/ngetty/Conf is installed with 0644 permissions, while the man
> page explains that it will only be processed if permissions are
> 0600. This causes TERM not to be set, so it defaults to TERM=dumb,
> with a variety of bad consequences.
Thanks, for using ngetty ;)
Why Conf is installed with 644? In my Makefile are the lines:
test -f $(ngetty_prefix)/Conf || \
install -m 600 $(P) Conf $(ngetty_prefix)
This means, that if building from source then
make install
don't overwrite /etc/ngetty/Conf if it allready exists.
Above command does not change also the the permision.
See also this link:
http://riemann.fmi.uni-sofia.bg/ngetty/binary/README
and the last three lines there.
> Personally, I think the fix is to change the permission check
> to require (st_mode & (S_IWGRP|S_IWOTH)) == 0, and owned by root,
> since it's not obvious that there's anything sensitive in there.
Yes, there is not anything sensitive in Conf. Of any case at
the time when I wrote ngetty I was in doubt -- 600 root:root or
644 root:root is better. At the end I desided to use 600.
If someone want 644 the patch is trivial.
See the option =debug in ngetty(8). I use it to see
which option is applied. By start ngetty closes fd=0,1,2
to save fd. So it cannot write any write errors. Why we
need fd=0,1,2 open for long running daemon and never use them.
For example the command
ngetty 1 2 3 4
works with only 4 open fd. If someone logins on tty2
then ngetty give one tty2_fd to the login program and continues
to work with three fd. After logout it continues again with
four open fd.
Regards,
Nikola
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
