From owner-freebsd-security Fri Sep 27 9:28:17 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C725637B401 for ; Fri, 27 Sep 2002 09:28:14 -0700 (PDT) Received: from drmirage.clustermonkey.org (drmirage.clustermonkey.org [198.78.66.49]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8842343E42 for ; Fri, 27 Sep 2002 09:28:14 -0700 (PDT) (envelope-from laz@drmirage.clustermonkey.org) Received: by drmirage.clustermonkey.org (Postfix, from userid 1000) id 5502C54E6A; Fri, 27 Sep 2002 11:57:06 -0400 (EDT) Date: Fri, 27 Sep 2002 11:57:06 -0400 From: Adam Lazur To: freebsd-security@FreeBSD.ORG Subject: Re: screen question/problem. Message-ID: <20020927155706.GA59758@drmirage.clustermonkey.org> References: <20020925144631.E90374-100000@cithaeron.argolis.org> <20020925123015.Y11323-100000@walter> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020925123015.Y11323-100000@walter> User-Agent: Mutt/1.4i Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Jason Stone (jason-fbsd-security@shalott.net) said: > > Screen likes to be root so it can do things like update utmp (or wtmp, > > whichever). > > I've been wondering about this for a while - on my personal systems, I've > always created a group wtmp and made utmp/wtmp/lastlog group wtmp, group > writable, and screen, xterm, etc, setgid wtmp instead of setuid root. > > This seems to me to preserve that portion of the functionality (I know > that screen also likes to be setuid root for other reasons) while being > substantially safer than having everything just be setuid root. > > Am I missing something? Are there other implications to using a wtmp > group and setgid binaries? I think that this would be a nice change to > make to the base system if it's reasonable to do so. There are issues with setting permissions on your tty. On my FreeBSD 4.5 box it keeps the default perms root:wheel 666, which is bad. You want it to end up with youruser:tty 620. I maintain screen for the Debian project, and we have been shipping screen setgid utmp for a long time. We avoid the tty perms problem by having default perms on unix98 tty's that work out okay (though there is a bug on non-devfs systems atm). For full functionality, screen must also be setuid root to do multi-user. This is another permissions setup problem (on the named pipes this time) that making screen setuid root avoids. It's on my todo list to fix things to that a setgid utmp screen will work with multi-user screen "out of the box" in the future. -- Adam Lazur, Cluster Monkey To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message