On Mon, Oct 13, 2008 at 03:16:37AM -0200, Carlos A. M. dos Santos wrote: > On Wed, Sep 10, 2008 at 11:54 PM, Carlos A. M. dos Santos > <[EMAIL PROTECTED]> wrote: > > On Wed, Sep 10, 2008 at 5:34 PM, Jeff Blank <[EMAIL PROTECTED]> wrote: > >> I just upgraded a RELENG_7 (amd64) box from 20080714 to "latest" > >> (which seems to be from a few days ago--no changes from Monday > >> morning's csup to today's) and can no longer see the effect of writing > >> to /dev/console as non-root. When I log in using xdm, my user owns > >> /dev/console, mode 0622 (-rw--w--w-), and I start an 'xterm -C'. But > >> when I, for example, > >> > >> echo foo > /dev/console > >> > >> I see nothing in the console xterm. No error messages, and echo exits > >> 0. If I su to root and do the same, I get 'foo' in the same console > >> xterm. Syslog messages to /dev/console also appear, of course. All > >> the above applies to xconsole as well, not just xterm. I did > >> recompile xterm from 20080616 ports, but it didn't fix the issue > >> (didn't expect it to, as xterm clearly has no trouble attaching and > >> reading). So my echo is getting lost in the kernel, I guess. > >> > >> Known problem? Intentional change? Something else? > > > > I have seen this problem since 6.x times and still on 7.x. I also > > noticed that if I send something to the console after xconsole starts > > then I can sned messages as an ordinary user. My workaround was > > modifying the Xsetup_0 script (I used xdm for login), adding a line > > with > > > > (sleep 3; date >> "$dev_console") & > > > > just after starting xconsole. > > > > I didn't have time to set up a machine with 8-CURRENT yet, so I could > > not check if the new mp-safe tty implementation fixes this, either > > intentionally or by a fortunate side effect. > > I took some time to look at this again. I'm using 8.0-CURRENT now > (GENERIC kernel), csup'ed and compiled yesterday. Xconsole is unable > to open the console even if my user & group own /dev/console and the > permissions are set to 0622. This happens because of the following > code in xconsole.c: > > 289 int on = 1; > 290 if (ioctl (tty_fd, TIOCCONS, (char *) &on) != -1) > 291 input = fdopen (pty_fd, "r"); > > The ioctl call fails (EPERM) because only superuser can use TIOCCONS, > regardless the ownership of the device. Using xterm with the "-C" > argument works because xterm is installed with the setuid flag bit on. > So the solution is "chmod +us xconsole".
Can someone security audit this program before blindly setuid-root'ing it? -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
