Thomas Hood <[EMAIL PROTECTED]> wrote: > What are the security implications of a tty device node failing to belong > to group "tty"?
It depends on who has access to that group, what are the permissions of the tty and what is intended. Generally you want to restrict write access to a tty to a trusted person, because otherwise she can use escape sequences to cause all kind of provblems (reprogramming keyboard, playing ascii movies, reading screen). write(1) can filter messages, and it enforces the clean-ness. Therefore it uses sguid tty. So if a user says "mesg yes" she wants actually allow write access and not raw access. Thats why a warning is a good thing. Gruss Bernd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
