Bugtraq mailing list archives
Re: Digital UNIX/Irix mesg problem
From: jes () GROVE UFL EDU (John Sheehy)
Date: Tue, 29 Apr 1997 18:35:04 -0400
On Tue, 29 Apr 1997, Tom Leffingwell wrote: | This is rather stupid and not much of a bug, but it shouldn't | happen. Basically, the permissions on your tty are set correctly, with | messages on, during login. If you turn them off, and then turn them back | on, your tty becomes world writable. (Actually, you don't have to turn | them off, mesg y automatically sets permissions that way). I don't | remember that being that way in Digital UNIX 3, but I can't think of a box [...] On Digital Unix 3.2D-1:
uname -a
OSF1 hostname V3.2 41 alpha
ls -l /dev/ttyq5
crw--w---- 2 jes terminal 6, 21 Apr 29 18:23 /dev/ttyq5
mesg n
ls -l /dev/ttyq5
crw------- 2 jes terminal 6, 21 Apr 29 18:23 /dev/ttyq5
mesg y
ls -l /dev/ttyq5
crw--w--w- 2 jes terminal 6, 21 Apr 29 18:23 /dev/ttyq5 On Diigital Unix 3.2G: # uname -a OSF1 ns V3.2 62 alpha # ls -l `tty` crw--w---- 1 root terminal 5, 5 Apr 29 18:32 /dev/tty07 # mesg n # ls -l `tty` crw------- 1 root terminal 5, 5 Apr 29 18:32 /dev/tty07 # mesg y # ls -l `tty` crw--w--w- 1 root terminal 5, 5 Apr 29 18:32 /dev/tty07 This is rather annoying. Time to write a script to replace mesg. -John Sheehy
Current thread:
- Smashing the Stack: prevention? nate (Apr 27)
- Re: Smashing the Stack: prevention? Thomas H. Ptacek (Apr 27)
- Re: Smashing the Stack: prevention? Russell Coker (Apr 28)
- Possibly exploitable buffer overflow in Solaris 2.5.1 ps Joe Zbiciak (Apr 28)
- Re: Possibly exploitable buffer overflow in Solaris 2.5.1 ps Geoffrey KEATING (Apr 29)
- Digital UNIX/Irix mesg problem Tom Leffingwell (Apr 29)
- Re: Digital UNIX/Irix mesg problem John Sheehy (Apr 29)
- Access control on W3C httpd server Peter Lord (Apr 30)
- vulnerabilities in kerberos David Sacerdote (Apr 29)
- Sun Security Bulletin #00139 Sun Security Coordination Team (Apr 29)
- SMASHING THE STACK: PREVENTION? massimo at vnet.ibm.com (Apr 28)
- Re: SMASHING THE STACK: PREVENTION? Alex Belits (Apr 28)
- Re: SMASHING THE STACK: PREVENTION? Thomas H. Ptacek (Apr 29)
- Re: Smashing the Stack: prevention? Thomas H. Ptacek (Apr 27)
- Re: Smashing the Stack: prevention? Tim Newsham (Apr 27)
- Re: Smashing the Stack: prevention? Joe Zbiciak (Apr 28)
- Re: Smashing the Stack: prevention? Daniel Ryde (Apr 28)
- xlock clarification.... David Hedley (Apr 28)