From owner-freebsd-stable@FreeBSD.ORG Mon Oct 13 05:46:32 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C79031065693 for ; Mon, 13 Oct 2008 05:46:32 +0000 (UTC) (envelope-from unixmania@gmail.com) Received: from mu-out-0910.google.com (mu-out-0910.google.com [209.85.134.191]) by mx1.freebsd.org (Postfix) with ESMTP id 47CBB8FC23 for ; Mon, 13 Oct 2008 05:46:32 +0000 (UTC) (envelope-from unixmania@gmail.com) Received: by mu-out-0910.google.com with SMTP id i2so1555374mue.3 for ; Sun, 12 Oct 2008 22:46:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=AMbSnDnI7Ltyo6tGd7z20++m5IXKOPup+rdwo14+ghw=; b=kqgk2SOg62lgo6zpItgd4hF/ujjK5T0S6vuLUFUq791CJfDKsq/l++yqJ/u1J34YVp Tn8JOsSGQeROazwUcdEc8mDkP3gPryrG33oa8Hw0AxNMzSZmMi5iMDajhoT6yio4+eGM +PY9Cb2bIjP7zjLjJh1vNrFdOUvXVuarVGNoQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=d4GA+4JEyuLpbrgMcaNpS2acdiWxwDHV7RJFZGab7PrpaICtdhkUrQ7y6A4fqxAE3t gqzLH+wqLQ6BiBob0v1MiAcTKpDqCNQCNu5dCNnWNli+k6mb+i+a66Acd5dlFpob8mdy MSgLRRmT83RKLLeNuit/fZ33J8iVg19A1avQw= Received: by 10.103.239.10 with SMTP id q10mr3236091mur.82.1223876790956; Sun, 12 Oct 2008 22:46:30 -0700 (PDT) Received: by 10.103.231.14 with HTTP; Sun, 12 Oct 2008 22:46:30 -0700 (PDT) Message-ID: Date: Mon, 13 Oct 2008 03:46:30 -0200 From: "Carlos A. M. dos Santos" To: "Jeremy Chadwick" In-Reply-To: <20081013052353.GA10013@icarus.home.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20080910203445.GA8561@mr-happy.com> <20081013052353.GA10013@icarus.home.lan> Cc: freebsd-stable@freebsd.org Subject: Re: can't see non-root writes to /dev/console X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Oct 2008 05:46:32 -0000 On Mon, Oct 13, 2008 at 3:23 AM, Jeremy Chadwick wrote: > On Mon, Oct 13, 2008 at 03:16:37AM -0200, Carlos A. M. dos Santos wrote: >> On Wed, Sep 10, 2008 at 11:54 PM, Carlos A. M. dos Santos >> wrote: >> > On Wed, Sep 10, 2008 at 5:34 PM, Jeff Blank wrote: >> >> I just upgraded a RELENG_7 (amd64) box from 20080714 to "latest" >> >> (which seems to be from a few days ago--no changes from Monday >> >> morning's csup to today's) and can no longer see the effect of writing >> >> to /dev/console as non-root. When I log in using xdm, my user owns >> >> /dev/console, mode 0622 (-rw--w--w-), and I start an 'xterm -C'. But >> >> when I, for example, >> >> >> >> echo foo > /dev/console >> >> >> >> I see nothing in the console xterm. No error messages, and echo exits >> >> 0. If I su to root and do the same, I get 'foo' in the same console >> >> xterm. Syslog messages to /dev/console also appear, of course. All >> >> the above applies to xconsole as well, not just xterm. I did >> >> recompile xterm from 20080616 ports, but it didn't fix the issue >> >> (didn't expect it to, as xterm clearly has no trouble attaching and >> >> reading). So my echo is getting lost in the kernel, I guess. >> >> >> >> Known problem? Intentional change? Something else? >> > >> > I have seen this problem since 6.x times and still on 7.x. I also >> > noticed that if I send something to the console after xconsole starts >> > then I can sned messages as an ordinary user. My workaround was >> > modifying the Xsetup_0 script (I used xdm for login), adding a line >> > with >> > >> > (sleep 3; date >> "$dev_console") & >> > >> > just after starting xconsole. >> > >> > I didn't have time to set up a machine with 8-CURRENT yet, so I could >> > not check if the new mp-safe tty implementation fixes this, either >> > intentionally or by a fortunate side effect. >> >> I took some time to look at this again. I'm using 8.0-CURRENT now >> (GENERIC kernel), csup'ed and compiled yesterday. Xconsole is unable >> to open the console even if my user & group own /dev/console and the >> permissions are set to 0622. This happens because of the following >> code in xconsole.c: >> >> 289 int on = 1; >> 290 if (ioctl (tty_fd, TIOCCONS, (char *) &on) != -1) >> 291 input = fdopen (pty_fd, "r"); >> >> The ioctl call fails (EPERM) because only superuser can use TIOCCONS, >> regardless the ownership of the device. Using xterm with the "-C" >> argument works because xterm is installed with the setuid flag bit on. >> So the solution is "chmod +us xconsole". > > Can someone security audit this program before blindly setuid-root'ing > it? Doing it on my own notebook is not a major concern. The idea of making it a general solution puts me nervous too. Xconsole itself is very simple application but it uses a bunch of X libraries that may have their own security issues. OTOH, xterm uses the same libraries, and even more. -- cd /usr/ports/sysutils/life make clean