Very Computer

by **Quinn Wilso** » Mon, 14 Dec 1998 04:00:00

AIX4.2 I have a scenario I don't understand. I have a program which dials
out on 10 different modems every night, around 200 calls. From time to time,
one or more of the tty's will change ownership from root:system crw_rw____
to uucp:uucp crw__w____ this prevents that modem from dialing out
altogether.

-root has no interaction with the tty's and no programs are running under
the uid of root, yet the permisions are changed.

Is this because ttys are special in some way?

I am able to get the same results when I run $penable tty(num) as any user
even when the setuid/setgid is removed.

I find it sort of disturbing thinking that any user on the system can
completely disable the dialout ports by running something like $penable tty*
. It seems contradictory to everything I understand about unix ownership

I'd like to stop this from happening and I'd like to know what's going on.

by **LAIX Software Consultin** » Mon, 14 Dec 1998 04:00:00

Permissions are set on the tty to root:system with 600 permissions by getty.
When a getty is run, the permissions are set in such a way that non-root
users can't simply read from the tty and thus read some one typing in their
password. When a tty is disabled, it should be set to uucp:uucp with
660 permissions so that only users in the uucp group can dial out. I suspect
your permissions are changing because some one / something is penabling
the tty. Note that non-root users should not be able to penable tty's as
you mentioned. They should get a permission denied if they attempt to
do so. As long as the tty remains disabled, the permissions should stay
660 with ownership of uucp:uucp.

Regards,
Paul

> AIX4.2 I have a scenario I don't understand. I have a program which dials
> out on 10 different modems every night, around 200 calls. From time to time,
> one or more of the tty's will change ownership from root:system crw_rw____
> to uucp:uucp crw__w____ this prevents that modem from dialing out
> altogether.

> -root has no interaction with the tty's and no programs are running under
> the uid of root, yet the permisions are changed.

> Is this because ttys are special in some way?

> I am able to get the same results when I run $penable tty(num) as any user
> even when the setuid/setgid is removed.

> I find it sort of disturbing thinking that any user on the system can
> completely disable the dialout ports by running something like $penable tty*
> . It seems contradictory to everything I understand about unix ownership

> I'd like to stop this from happening and I'd like to know what's going on.

by **Villy Kru** » Fri, 18 Dec 1998 04:00:00

>Permissions are set on the tty to root:system with 600 permissions by getty.
>When a getty is run, the permissions are set in such a way that non-root
>users can't simply read from the tty and thus read some one typing in their
> ...........
>Regards,
>Paul

>> AIX4.2 I have a scenario I don't understand. I have a program which dials
>> out on 10 different modems every night, around 200 calls. From time to time,
>> one or more of the tty's will change ownership from root:system crw_rw____
>> to uucp:uucp crw__w____ this prevents that modem from dialing out
>> altogether.

Getty will set tty ownership if it thinks the tty port is used for
incomming as well as outgoing calls. If you disable login nothing
should modify the tty ownership. If you enable the port the owner
should be root. If the port is share or delay then the ownership will
be uucp as it is assumed that the cu or uucico program needs access to
the port and both these programs are suid uucp.

Villy