219048 – pty opened by XTerm is not owned by group `tty' and is world writable

Bug 219048 - pty opened by XTerm is not owned by group `tty' and is world writable

Summary: pty opened by XTerm is not owned by group `tty' and is world writable

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	xterm
Sub Component:
Version:	5
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Miroslav Lichvar
QA Contact:
Docs Contact:
URL:
Whiteboard:	impact=low,source=redhat,reported=200...
Depends On:
Blocks:	220153
TreeView+	depends on / blocked

Reported:	2006-12-10 02:31 UTC by Kasper Dupont
Modified:	2007-11-30 22:11 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-01-09 17:08:04 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Kasper Dupont 2006-12-10 02:31:43 UTC

Description of problem:
mesg n does not actually prevent messages, and mesg y consistently produce an
error message.

Version-Release number of selected component (if applicable):
SysVinit-2.86-2.2.2

How reproducible:
Happens every time

Steps to Reproduce:
1. Open xterm
2. Type "mesg y"
  
Actual results:
mesg: error: tty device is not owned by group `tty'

Expected results:
No errors

Steps to Reproduce:
1. Open xterm
2. Type "mesg n"
3. ls -l $(tty)
  
Actual results:
crw-----w- 1 kasperd kasperd 136, 14 Dec  9 18:26 /dev/pts/14

Expected results:
No write permission for others

Additional info:
Even when messages are enabled, it is a bad idea to allow every user to write
the device directly. The write command makes it clear that a message was send,
and who did it. Direct writes can be used to fake tty output.

Comment 1 Bill Nottingham 2006-12-11 20:27:17 UTC

I can't reproduce this, although this is on FC6:

[notting@nostromo: ~]$ ls -l $(tty)
crw--w---- 1 notting tty 136, 2 Dec 11 15:23 /dev/pts/2
[notting@nostromo: ~]$ mesg n
[notting@nostromo: ~]$ ls -l $(tty)
crw------- 1 notting tty 136, 2 Dec 11 15:23 /dev/pts/2
[notting@nostromo: ~]$ mesg y
[notting@nostromo: ~]$ ls -l $(tty)
crw--w---- 1 notting tty 136, 2 Dec 11 15:23 /dev/pts/2

What sort of tty rules do you have in /etc/udev/rules.d?

Comment 2 Kasper Dupont 2006-12-12 04:44:18 UTC

I have just the /etc/udev/rules.d/50-udev.rules from udev-084-13.fc5.2

Comment 3 Harald Hoyer 2006-12-12 15:33:15 UTC

ownership and permissions of ptys are not set by udev, afaik

Comment 4 Bill Nottingham 2006-12-12 16:47:26 UTC

What's your line for /dev/pts in /etc/fstab?

Comment 5 Kasper Dupont 2006-12-13 06:19:44 UTC

[kasperd@localhost:pts/7:~] grep pts /etc/fstab
/dev/devpts             /dev/pts                devpts  gid=5,mode=620  0 0
[kasperd@localhost:pts/7:~]

Comment 6 Harald Hoyer 2006-12-13 10:45:01 UTC

/dev/pts is not managed by udev

Comment 7 Kasper Dupont 2006-12-14 04:55:12 UTC

I just noticed that I can only reproduce the problem in xterm. Konsole, script,
and screen are not affected by this.

Comment 8 Lubomir Kundrak 2006-12-19 10:50:53 UTC

mlichvar reported that only FC6, FC5 and RHEL5 are affected.
The problem is caused by obsolete patch for configure script that is no longer
needed.

Comment 9 Lubomir Kundrak 2007-01-09 11:55:02 UTC

Fixed in

xterm-223-1.fc5
xterm-223-1.fc6

Removing "Security sensitive" flag.

Comment 10 Fedora Update System 2007-01-09 16:54:04 UTC

xterm-223-1.fc5 has been pushed for fc5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.