On Mon, Oct 13, 2008 at 3:23 AM, Jeremy Chadwick <[EMAIL PROTECTED]> wrote: > On Mon, Oct 13, 2008 at 03:16:37AM -0200, Carlos A. M. dos Santos wrote: >> On Wed, Sep 10, 2008 at 11:54 PM, Carlos A. M. dos Santos >> <[EMAIL PROTECTED]> wrote: >> > On Wed, Sep 10, 2008 at 5:34 PM, Jeff Blank <[EMAIL PROTECTED]> wrote: >> >> I just upgraded a RELENG_7 (amd64) box from 20080714 to "latest" >> >> (which seems to be from a few days ago--no changes from Monday >> >> morning's csup to today's) and can no longer see the effect of writing >> >> to /dev/console as non-root. When I log in using xdm, my user owns >> >> /dev/console, mode 0622 (-rw--w--w-), and I start an 'xterm -C'. But >> >> when I, for example, >> >> >> >> echo foo > /dev/console >> >> >> >> I see nothing in the console xterm. No error messages, and echo exits >> >> 0. If I su to root and do the same, I get 'foo' in the same console >> >> xterm. Syslog messages to /dev/console also appear, of course. All >> >> the above applies to xconsole as well, not just xterm. I did >> >> recompile xterm from 20080616 ports, but it didn't fix the issue >> >> (didn't expect it to, as xterm clearly has no trouble attaching and >> >> reading). So my echo is getting lost in the kernel, I guess. >> >> >> >> Known problem? Intentional change? Something else? >> > >> > I have seen this problem since 6.x times and still on 7.x. I also >> > noticed that if I send something to the console after xconsole starts >> > then I can sned messages as an ordinary user. My workaround was >> > modifying the Xsetup_0 script (I used xdm for login), adding a line >> > with >> > >> > (sleep 3; date >> "$dev_console") & >> > >> > just after starting xconsole. >> > >> > I didn't have time to set up a machine with 8-CURRENT yet, so I could >> > not check if the new mp-safe tty implementation fixes this, either >> > intentionally or by a fortunate side effect. >> >> I took some time to look at this again. I'm using 8.0-CURRENT now >> (GENERIC kernel), csup'ed and compiled yesterday. Xconsole is unable >> to open the console even if my user & group own /dev/console and the >> permissions are set to 0622. This happens because of the following >> code in xconsole.c: >> >> 289 int on = 1; >> 290 if (ioctl (tty_fd, TIOCCONS, (char *) &on) != -1) >> 291 input = fdopen (pty_fd, "r"); >> >> The ioctl call fails (EPERM) because only superuser can use TIOCCONS, >> regardless the ownership of the device. Using xterm with the "-C" >> argument works because xterm is installed with the setuid flag bit on. >> So the solution is "chmod +us xconsole". > > Can someone security audit this program before blindly setuid-root'ing > it?
Doing it on my own notebook is not a major concern. The idea of making it a general solution puts me nervous too. Xconsole itself is very simple application but it uses a bunch of X libraries that may have their own security issues. OTOH, xterm uses the same libraries, and even more. -- cd /usr/ports/sysutils/life make clean _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
