BSD tty security, part 4: What You Can Look Forward To
Ian Crocker
ian at pharaoh.UUCP
Sat May 4 02:37:14 AEST 1991
Maybe I am missing something here but I don't see where the security issue
lies. Sure it is easy to knock up a program that disassociates itself from
the controlling tty using TIOCNOTTY, then attach to another tty that you have
write permission on. However when you try and do the TIOCSTI it fails on
all the systems I have tried it on because you are not the owner of the
device. I know that the manual says it should work as you are trying
to do the ioctl on your control terminal, but this is not the case on my
systems - you have to own the device or have an euid of 0.
Ian.
--
Ian Crocker
NPW-mail : ian at pharaoh
usenet : ian at cyborg.bt.co.uk
More information about the Comp.unix.wizards
mailing list