Board index Unix Security

RedHat 6.0, /dev/pts permissions bug when using xterm

RedHat 6.0, /dev/pts permissions bug when using xterm

Post by ermirz.. » Wed, 09 Jun 1999 04:00:00



I believe most ppl R aware about this kindda DoS as reported ... so how
to disable everyone except the owner from getting  write access to
terminal on RH 6.0.  One way (very lame and this is what I did :() is to
chmod 600 /dev/pts/* but this is not effective as new terminale opened
will still be crw--w--w-.

Thanks in advance

erekose

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

 
 
 
Top

RedHat 6.0, /dev/pts permissions bug when using xterm

Post by Suchandra Tha » Fri, 11 Jun 1999 04:00:00



>I believe most ppl R aware about this kindda DoS as reported ... so how
>to disable everyone except the owner from getting  write access to
>terminal on RH 6.0.  One way (very lame and this is what I did :() is to
>chmod 600 /dev/pts/* but this is not effective as new terminale opened
>will still be crw--w--w-.

Just change/add the string mode=620,gid=5 to the line describing the
devpts filesystem in /etc/fstab.  It'll give the new ptys the right
permission and make sure the ptys are in the tty group.
--
------------------------------------------------------------------

Suchandra S. Thapa

------------------------------------------------------------------

 
 
 
Top

RedHat 6.0, /dev/pts permissions bug when using xterm

Post by ermirz.. » Fri, 11 Jun 1999 04:00:00





> >I believe most ppl R aware about this kindda DoS as reported ... so
how
> >to disable everyone except the owner from getting  write access to
> >terminal on RH 6.0.  One way (very lame and this is what I did :() is
to
> >chmod 600 /dev/pts/* but this is not effective as new terminale
opened
> >will still be crw--w--w-.

> Just change/add the string mode=620,gid=5 to the line describing the
> devpts filesystem in /etc/fstab.  It'll give the new ptys the right
> permission and make sure the ptys are in the tty group.
> --
> ------------------------------------------------------------------

> Suchandra S. Thapa

> ------------------------------------------------------------------

It would not work for rxvt.
                      ^^^^

Regards
erekose

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.

 
 
 
Top

RedHat 6.0, /dev/pts permissions bug when using xterm

Post by Juergen Hein » Fri, 11 Jun 1999 04:00:00






>> >I believe most ppl R aware about this kindda DoS as reported ... so
>how
>> >to disable everyone except the owner from getting  write access to
>> >terminal on RH 6.0.  One way (very lame and this is what I did :() is
>to
>> >chmod 600 /dev/pts/* but this is not effective as new terminale
>opened
>> >will still be crw--w--w-.

>> Just change/add the string mode=620,gid=5 to the line describing the
>> devpts filesystem in /etc/fstab.  It'll give the new ptys the right
>> permission and make sure the ptys are in the tty group.

Or use 600, quite fine.
[...]
Quote:>It would not work for rxvt.

Use the latest version, 2.6.0. You can use a previous one with some
changes but since the release supports Unix98 PTYs out of the box ...

Minor note, if it does not compiler adjust config.h so ... aehm ... IIRC
I'd to comment out either RXVT_WMTPX_FILE or RXVT_UTMPX_FILE manually.

Cheers,
Juergen

--
\ Real name     : Jrgen Heinzl                 \       no flames      /

 
 
 
Top

RedHat 6.0, /dev/pts permissions bug when using xterm

Post by ermirz.. » Sat, 12 Jun 1999 04:00:00


I recompiled rxvt-2.6.0 ... with the options --enable-ttygid as posted
in BUGTRAQ.  the rxvt is okay now ...

Regards

erekose







> >> >I believe most ppl R aware about this kindda DoS as reported ...
so
> >how
> >> >to disable everyone except the owner from getting  write access to
> >> >terminal on RH 6.0.  One way (very lame and this is what I did :()
is
> >to
> >> >chmod 600 /dev/pts/* but this is not effective as new terminale
> >opened
> >> >will still be crw--w--w-.

> >> Just change/add the string mode=620,gid=5 to the line describing
the
> >> devpts filesystem in /etc/fstab.  It'll give the new ptys the right
> >> permission and make sure the ptys are in the tty group.

> Or use 600, quite fine.
> [...]
> >It would not work for rxvt.
> Use the latest version, 2.6.0. You can use a previous one with some
> changes but since the release supports Unix98 PTYs out of the box ...

> Minor note, if it does not compiler adjust config.h so ... aehm ...
IIRC
> I'd to comment out either RXVT_WMTPX_FILE or RXVT_UTMPX_FILE manually.

> Cheers,
> Juergen

> --
> \ Real name     : Jrgen Heinzl                 \       no flames
/

/

Sent via Deja.com http://www.deja.com/
Share what you know. Learn what you don't.
 
 
 
Top

1. Wrong permissions for /dev/pts/0 and /dev/pts/1

Hi!
After resoring a msysbk I can't open terminals on a 43P.
Telnet works for all users, but when trying to open a aixterm or something else
I get the message in errorlog that when running dtexec it has wrong permissions
 for /dev/pts/0 or /dev/pts/1... This does not occur for the root user.

What do I have to change, and why does it occur after restoring the backup?

Thanks and greetings,
Georg

2. Memory, Can't trim Kernel below 8 meg

3. /dev/ttyp# & /dev/pts permissions

4. lost Image file.

5. how do xterm set mode for /dev/pts/** and possible problem with it?

6. UNIX admin wanted (perm)

7. Redirecting stderr to a new xterm: how to find /dev/pts/XX ?

8. avi files

9. /dev/pts permissions problem

10. /dev/pts/ permissions problem

11. Why all the pts/0, pts/1, ... on RedHat 7.1 ?

12. diff between /dev/tty and /dev/pts

13. tty-dev-number <-> /dev/pts


All times are UTC
Board index