Date:      Mon, 13 Oct 2008 03:46:30 -0200
From:      "Carlos A. M. dos Santos" <unixmania@gmail.com>
To:        "Jeremy Chadwick" <koitsu@freebsd.org>
Cc:        freebsd-stable@freebsd.org
Subject:   Re: can't see non-root writes to /dev/console
Message-ID:  <e71790db0810122246h1f38faf7yccee763677cdb0c3@mail.gmail.com>
In-Reply-To: <20081013052353.GA10013@icarus.home.lan>
References:  <20080910203445.GA8561@mr-happy.com> <e71790db0809101854k1b9d75dck2efb3fee8ee67826@mail.gmail.com> <e71790db0810122216n54593f5dn577b148496e1e2ee@mail.gmail.com> <20081013052353.GA10013@icarus.home.lan>

On Mon, Oct 13, 2008 at 3:23 AM, Jeremy Chadwick <koitsu@freebsd.org> wrote:
> On Mon, Oct 13, 2008 at 03:16:37AM -0200, Carlos A. M. dos Santos wrote:
>> On Wed, Sep 10, 2008 at 11:54 PM, Carlos A. M. dos Santos
>> <unixmania@gmail.com> wrote:
>> > On Wed, Sep 10, 2008 at 5:34 PM, Jeff Blank <jb000002@mr-happy.com> wrote:
>> >> I just upgraded a RELENG_7 (amd64) box from 20080714 to "latest"
>> >> (which seems to be from a few days ago--no changes from Monday
>> >> morning's csup to today's) and can no longer see the effect of writing
>> >> to /dev/console as non-root.  When I log in using xdm, my user owns
>> >> /dev/console, mode 0622 (-rw--w--w-), and I start an 'xterm -C'.  But
>> >> when I, for example,
>> >>
>> >> echo foo > /dev/console
>> >>
>> >> I see nothing in the console xterm.  No error messages, and echo exits
>> >> 0.  If I su to root and do the same, I get 'foo' in the same console
>> >> xterm.  Syslog messages to /dev/console also appear, of course.  All
>> >> the above applies to xconsole as well, not just xterm.  I did
>> >> recompile xterm from 20080616 ports, but it didn't fix the issue
>> >> (didn't expect it to, as xterm clearly has no trouble attaching and
>> >> reading).  So my echo is getting lost in the kernel, I guess.
>> >>
>> >> Known problem?  Intentional change?  Something else?
>> >
>> > I have seen this problem since 6.x times and still on 7.x. I also
>> > noticed that if I send something to the console after xconsole starts
>> > then I can send messages as an ordinary user. My workaround was
>> > modifying the Xsetup_0 script (I used xdm for login), adding a line
>> > with
>> >
>> >     (sleep 3; date >> "$dev_console") &
>> >
>> > just after starting xconsole.
>> >
>> > I didn't have time to set up a machine with 8-CURRENT yet, so I could
>> > not check if the new mp-safe tty implementation fixes this, either
>> > intentionally or by a fortunate side effect.
>>
>> I took some time to look at this again. I'm using 8.0-CURRENT now
>> (GENERIC kernel), csup'ed and compiled yesterday. Xconsole is unable
>> to open the console even if my user & group own /dev/console and the
>> permissions are set to 0622. This happens because of the following
>> code in xconsole.c:
>>
>>     int on = 1;
>>     if (ioctl (tty_fd, TIOCCONS, (char *) &on) != -1)
>>         input = fdopen (pty_fd, "r");
>>
>> The ioctl call fails (EPERM) because only the superuser can use TIOCCONS,
>> regardless of the ownership of the device. Using xterm with the "-C"
>> argument works because xterm is installed with the setuid bit on.
>> So the solution is "chmod +us xconsole".
>
> Can someone security audit this program before blindly setuid-root'ing
> it?

Doing it on my own notebook is not a major concern. The idea of making
it a general solution makes me nervous too. Xconsole itself is a very
simple application, but it uses a bunch of X libraries that may have
their own security issues. OTOH, xterm uses the same libraries, and
even more.

-- 
cd /usr/ports/sysutils/life
make clean
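The thread above establishes two facts: TIOCCONS is refused with EPERM unless the caller is root, whatever the mode of /dev/console, and xterm -C only works because the binary is setuid root. What a setuid helper for that ioctl should look like is not shown anywhere in the thread, so the following is an added example and not xconsole's or xterm's code. It issues the single privileged ioctl first and then drops root irrevocably, before any X library would be loaded, so that a bug in those libraries runs as the user and not as root. It assumes a Linux or BSD <sys/ioctl.h> that defines TIOCCONS, allocates a pty master as a stand-in for the console tty so it runs without a real console, and assumes uid/gid 65534 is the unprivileged "nobody" account when it is started as real root.

```c
/* tioccons_drop.c -- added example (not xconsole's or xterm's code):
 * do the one privileged step, then give up root before anything else. */
#include <errno.h>
#include <fcntl.h>
#include <grp.h>        /* setgroups() on Linux; <unistd.h> has it on BSD */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/types.h>
#include <unistd.h>

/* Ask the kernel to redirect console output to fd (the ioctl xconsole and
 * xterm -C issue).  Returns 0 on success, otherwise errno; a non-root
 * caller gets EPERM no matter who owns the device node. */
int try_tioccons(int fd)
{
    int on = 1;
    if (ioctl(fd, TIOCCONS, (char *)&on) == -1)
        return errno;
    return 0;
}

/* Drop to uid/gid permanently.  Returns 0 only if every step succeeded
 * and the process can prove it cannot become root again; otherwise the
 * errno of the failing call, or EACCES if the drop did not take. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Supplementary groups first; only root may clear them, so skip the
     * call when we never had root (it would fail with EPERM). */
    if (geteuid() == 0 && setgroups(0, NULL) == -1)
        return errno;
    /* gid before uid: once uid is non-root, setgid() is no longer allowed. */
    if (setgid(gid) == -1)
        return errno;
    /* As root, setuid() sets real, effective and saved uid, so there is no
     * saved root id left to climb back to. */
    if (setuid(uid) == -1)
        return errno;
    /* Verify the drop is irreversible: regaining euid 0 must now fail. */
    if (uid != 0 && (seteuid(0) == 0 || geteuid() == 0))
        return EACCES;
    if (getuid() != uid || geteuid() != uid || getgid() != gid)
        return EACCES;
    return 0;
}

int main(void)
{
    /* A pty master stands in for the console tty so the program runs
     * anywhere; with a real console you would open the console device. */
    int fd = posix_openpt(O_RDWR | O_NOCTTY);
    if (fd == -1) {
        perror("posix_openpt");
        return 1;
    }

    int rc = try_tioccons(fd);
    printf("TIOCCONS: %s\n", rc ? strerror(rc) : "ok");

    /* Whether or not the ioctl worked, root is not needed from here on.
     * Started setuid, getuid() is the invoking user; started as real
     * root, fall back to 65534 (assumed to be "nobody"). */
    uid_t uid = getuid() ? getuid() : (uid_t)65534;
    gid_t gid = getgid() ? getgid() : (gid_t)65534;
    rc = drop_privileges(uid, gid);
    printf("privilege drop: %s\n", rc ? strerror(rc) : "ok, no longer root");

    close(fd);
    return rc ? 1 : 0;
}
```

Run unprivileged it reports "TIOCCONS: Operation not permitted", the same EPERM xconsole sees; run as root (or installed setuid root) the ioctl succeeds and the process is unprivileged by the time the second line prints. The point is the ordering: the privileged window ends before the large X client library surface the message worries about is ever mapped.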
