Vulnerability Development mailing list archives
Re: Console permissions in RH 6.X (was: Re: Window manager - impementation...)
From: sarnold () WILLAMETTE EDU (Seth R Arnold)
Date: Sat, 9 Oct 1999 13:21:41 -0700
On Sat, Oct 09, 1999 at 12:50:27PM +0300, Taneli Huuskonen wrote:
Anyone had a look at /etc/security/console.perms on a freshly installed Red Hat 6.0? <sound>=/dev/dsp* /dev/audio* /dev/midi* \ /dev/mixer* /dev/sequencer <cdrom>=/dev/cdrom [...] <console> 0600 <sound> 0644 root <console> 0600 <cdrom> 0600 root So, it's not only likely that the permissions are changed on /dev/cdrom rather than /dev/hdc isn't only highly likely, it's a fact. However, I'm more concerned about the permissions the sound devices revert to when you log out from console. They become world readable, meaning that if you have a microphone connected to your soundcard, you can be eavesdropped by a remote user.
I can't speak for any redhat installations, but every linux distribution I have used in the last five or six years has had a symbolic link from /dev/cdrom to /dev/hd? or /dev/sd? depending on whether it was a scsi device or ide device. (Probably also for those wierd proprietary devices too..) Symlinks have fun permissions -- rwxrwxrwx -- so, if whatever program sets the permissions based on the /etc/security/console.perms file isn't smart enough to follow symlinks (or, maybe, is smart enough to NOT follow symlinks) then the line setting permissions on the CD will have no effect. If it follows symlinks, then, of course, it will have the exact effect you describe. -- Seth Arnold | http://www.willamette.edu/~sarnold/ Hate spam? See http://maps.vix.com/rbl/ for help Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!
Current thread:
- Re: solaris DoS (fwd), (continued)
- Re: solaris DoS (fwd) Drazen Kacar (Oct 07)
- Re: solaris DoS (fwd) Arindum Mukerji (Oct 07)
- Re: solaris DoS (fwd) Erik Parker (Oct 07)
- Window manager - implementation bug/feature ??? Mithun Bhattacharya (Oct 06)
- Re: Window manager - implementation bug/feature ??? Chris Wilson (Oct 07)
- Re: Window manager - implementation bug/feature ??? Erik Parker (Oct 07)
- Re: Window manager - implementation bug/feature ??? Michael Jennings (Oct 07)
- Re: Window manager - implementation bug/feature ??? Erik Parker (Oct 08)
- Re: Window manager - implementation bug/feature ??? Jim Paris (Oct 08)
- Console permissions in RH 6.X (was: Re: Window manager - impementation...) Taneli Huuskonen (Oct 09)
- Re: Console permissions in RH 6.X (was: Re: Window manager - impementation...) Seth R Arnold (Oct 09)
- Re: Window manager - implementation bug/feature ??? Ron DuFresne (Oct 08)
- Re: Window manager - implementation bug/feature ??? Metal Hurlant (Oct 07)
- Re: Window manager - implementation bug/feature ??? Erik Parker (Oct 07)
- Re: Window manager - implementation bug/feature ??? Jani Ollikainen (Oct 07)
- Re: solaris DoS (fwd) Jesus Cea Avion (Oct 18)