Bug 219048
Summary: | pty opened by XTerm is not owned by group `tty' and is world writable |
---|---|
Product: | [Fedora] Fedora |
Component: | xterm |
Version: | 5 |
Hardware: | All |
OS: | Linux |
Status: | CLOSED ERRATA |
Severity: | medium |
Priority: | medium |
Reporter: | Kasper Dupont <bugzilla> |
Assignee: | Miroslav Lichvar <mlichvar> |
CC: | notting, security-response-team |
Keywords: | Reopened, Security |
Whiteboard: | impact=low,source=redhat,reported=20061219 |
Doc Type: | Bug Fix |
Last Closed: | 2007-01-09 17:08:04 UTC |
Bug Blocks: | 220153 |
Description
Kasper Dupont
2006-12-10 02:31:43 UTC
I can't reproduce this, although this is on FC6:

    [notting@nostromo: ~]$ ls -l $(tty)
    crw--w---- 1 notting tty 136, 2 Dec 11 15:23 /dev/pts/2
    [notting@nostromo: ~]$ mesg n
    [notting@nostromo: ~]$ ls -l $(tty)
    crw------- 1 notting tty 136, 2 Dec 11 15:23 /dev/pts/2
    [notting@nostromo: ~]$ mesg y
    [notting@nostromo: ~]$ ls -l $(tty)
    crw--w---- 1 notting tty 136, 2 Dec 11 15:23 /dev/pts/2

What sort of tty rules do you have in /etc/udev/rules.d?

I have just the /etc/udev/rules.d/50-udev.rules from udev-084-13.fc5.2

Ownership and permissions of ptys are not set by udev, afaik.

What's your line for /dev/pts in /etc/fstab?

    [kasperd@localhost:pts/7:~] grep pts /etc/fstab
    /dev/devpts /dev/pts devpts gid=5,mode=620 0 0
    [kasperd@localhost:pts/7:~]

/dev/pts is not managed by udev.

I just noticed that I can only reproduce the problem in xterm. Konsole, script, and screen are not affected by this.

mlichvar reported that only FC6, FC5 and RHEL5 are affected.

The problem is caused by an obsolete patch for the configure script that is no longer needed.

Fixed in
xterm-223-1.fc5
xterm-223-1.fc6

Removing "Security sensitive" flag.

xterm-223-1.fc5 has been pushed for fc5, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
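The condition in the bug summary can be checked across all allocated ptys rather than one terminal at a time. The following is an added example, not part of the bug report or of xterm: it compares each pty slave against the state shown in the thread (group `tty`, no world-write bit). It assumes a `stat` that supports `-c` (GNU coreutils); the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit pty slave permissions against the state shown in the
# report (group "tty", mode 620 from the devpts options gid=5,mode=620,
# or 600 after `mesg n`).

# classify_pty MODE GROUP
#   MODE  octal permission bits as printed by `stat -c %a`, e.g. 620
#   GROUP group name as printed by `stat -c %G`
# Prints "ok" or a comma-separated list of findings.
classify_pty() (
    perm=$((0$1))            # leading 0 makes the shell parse MODE as octal
    findings=
    if [ $((perm & 0002)) -ne 0 ]; then
        findings="world-writable"
    fi
    if [ "$2" != "tty" ]; then
        findings="${findings:+$findings,}group-not-tty"
    fi
    echo "${findings:-ok}"
)

# audit_pty PATH: stat one device node and report on it.
# Exit status: 0 = ok, 1 = findings, 2 = node could not be examined.
audit_pty() (
    info=$(stat -c '%a %G' "$1" 2>/dev/null) || exit 2
    mode=${info%% *}
    group=${info#* }
    verdict=$(classify_pty "$mode" "$group")
    echo "$1: mode=$mode group=$group -> $verdict"
    [ "$verdict" = "ok" ]
)

# Audit every allocated pty slave; the glob skips /dev/pts/ptmx.
audit_all() {
    bad=0
    for p in /dev/pts/[0-9]*; do
        [ -e "$p" ] || continue
        audit_pty "$p" || bad=$((bad + 1))
    done
    echo "$bad pty(s) with findings or not examinable"
}

audit_all
```

Run it once from an xterm and once from another terminal emulator to see whether only xterm-allocated ptys are flagged, as the thread reports.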