Hi!
Probably some cut & waste error from DSA 947-2:
On Wed, Jan 25, 2006 at 12:33:51PM +0100, Michael Stone wrote:
> Subject: [SECURITY] [DSA 955-1] New mailman packages fix denial of service
~~~
> -
Thomas Hood <[EMAIL PROTECTED]> wrote:
> What are the security implications of a tty device node failing to belong
> to group "tty"?
It depends on who has access to that group, what are the permissions of the
tty and what is intended.
Generally you want to restrict write access to a tty to a trus
Florian Weimer wrote:
> In other words, the warning makes perfect sense.
Would it also be secure if (as the submitter of #349578 writes):
> The tty is /dev/pts/* and is always owned and group-owned by me.
? That is, should the warning be suppressed in that case?
--
Thomas
--
To UNSUBSCRIBE
* Thomas Hood:
> Florian Weimer wrote:
>> In other words, the warning makes perfect sense.
>
>
> Would it also be secure if (as the submitter of #349578 writes):
This hasn't got to do much with security.
>> The tty is /dev/pts/* and is always owned and group-owned by me.
>
> ? That is, should t
* Thomas Hood:
> Hello, security experts.
>
> In #349578 it is claimed that the mesg program should not warn if a tty
> device node fails to belong to group "tty".
>
> What are the security implications of a tty device node failing to belong
> to group "tty"?
"mesg y" does not have the desired ef
Hello, security experts.
In #349578 it is claimed that the mesg program should not warn if a tty
device node fails to belong to group "tty".
What are the security implications of a tty device node failing to belong
to group "tty"?
Please CC: me as I am not subscribed to this list.
--
Thomas Hoo
6 matches
Mail list logo
