Date: Sun, 28 Apr 2013 21:50:01 GMT
Message-Id: <201304282150.r3SLo1cq054814@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
From: Eitan Adler
Subject: Re: bin/61355: login(1) does not restore terminal ownership on exit

The following reply was made to PR bin/61355; it has been noted by GNATS.

From: Eitan Adler
To: bug-followup
Subject: Re: bin/61355: login(1) does not restore terminal ownership on exit
Date: Sun, 28 Apr 2013 17:44:34 -0400

---------- Forwarded message ----------
From: Jilles Tjoelker
Date: 28 April 2013 17:30
Subject: Re: bin/61355: login(1) does not restore terminal ownership on exit
To: freebsd-bugs@freebsd.org
From: Jilles Tjoelker
To: bug-followup@FreeBSD.org, eugen@kuzbass.ru
Subject: Re: bin/61355: login(1) does not restore terminal ownership on exit
Date: Sun, 28 Apr 2013 23:23:05 +0200

> [nested login(1) does not restore tty ownership]

If it didn't break anything, I would like to "solve" this problem by removing /usr/bin/login's setuid bit. You can use su (or sudo from ports) to become another user temporarily.

With utmpx, I think the corruption of those files is solved. The utmpx code can handle overlapping sessions on the same tty.

The tty ownership is normally reset to root:wheel by the new getty (for ttys managed via /etc/ttys) or by the destruction of the tty (for pseudo terminals). So it is probably safe to remember the old uid/gid and restore it later.

Even with that, there is no isolation between the two users. Since there is no new session or revocation (and there cannot be), the nested user can continue to access the tty after the "logout". For the same reason, the setlogin() call affects both the old and the new user's processes; this is not undone afterwards either.

--
Jilles Tjoelker

--
Eitan Adler
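The "remember the old uid/gid and restore it later" idea from the reply above, sketched in C as an added example; it is not code from login(1) or from this thread, and the names tty_owner, tty_owner_save and tty_owner_restore are hypothetical. The st_dev/st_ino identity check before restoring is an assumption about how a caller would guard the chown, not something the reply specifies.

```c
/* Added illustration: save a terminal's owner before a nested login and
 * restore it afterwards. All names here are hypothetical. */
#include <sys/types.h>
#include <sys/stat.h>
#include <errno.h>
#include <stdlib.h>
#include <unistd.h>

struct tty_owner {
    dev_t dev;   /* identity of the node that was recorded */
    ino_t ino;
    uid_t uid;   /* owner and group before the nested login */
    gid_t gid;
};

/* Record who owns the terminal before it is handed to the nested user. */
int tty_owner_save(int fd, struct tty_owner *o)
{
    struct stat sb;

    if (fstat(fd, &sb) == -1)
        return -1;
    o->dev = sb.st_dev;
    o->ino = sb.st_ino;
    o->uid = sb.st_uid;
    o->gid = sb.st_gid;
    return 0;
}

/*
 * Put the recorded owner back when the nested session ends. Refuses with
 * ESTALE if fd no longer refers to the node that was recorded. This only
 * resets ownership: as the reply notes, there is no revocation, so
 * descriptors the nested user already holds remain usable.
 */
int tty_owner_restore(int fd, const struct tty_owner *o)
{
    struct stat sb;

    if (fstat(fd, &sb) == -1)
        return -1;
    if (sb.st_dev != o->dev || sb.st_ino != o->ino) {
        errno = ESTALE;
        return -1;
    }
    if (sb.st_uid == o->uid && sb.st_gid == o->gid)
        return 0;                 /* ownership was never changed */
    return fchown(fd, o->uid, o->gid);
}
```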