Re: Re: CVE-2024-28085: Escape sequence injection in util-linux wall

[Jakub Wilk <jwilk () jwilk net>]

* nightmare.yeah27 () aceecat org, 2024-03-27 13:57:
> /etc/default/devpts

This file is used by sysvinit when mounting /dev/pts.

systemd doesn't use it. It mounts /dev/pts with mode=620 by default.

> /etc/login.defs

As far as I can see, TTYPERM from login.defs is used only by login(1) 
and sometimes¹ by su(1). If you log in through SSH, or run xterm(1) or 
screen(1) or... it won't have any effect.

It's all awful and undocumented.


¹ https://github.com/util-linux/util-linux/commit/17d5b264367debb7
  ("su: (pty) change owner and mode for pty")

--
Jakub Wilk