From owner-freebsd-hackers@FreeBSD.ORG  Fri Jan  7 10:58:16 2011
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 429C0106564A
	for <freebsd-hackers@freebsd.org>; Fri,  7 Jan 2011 10:58:16 +0000 (UTC)
	(envelope-from gljennjohn@googlemail.com)
Received: from mail-bw0-f54.google.com (mail-bw0-f54.google.com
	[209.85.214.54])
	by mx1.freebsd.org (Postfix) with ESMTP id BDF9D8FC0A
	for <freebsd-hackers@freebsd.org>; Fri,  7 Jan 2011 10:58:15 +0000 (UTC)
Received: by bwz12 with SMTP id 12so9854947bwz.13
	for <freebsd-hackers@freebsd.org>; Fri, 07 Jan 2011 02:58:14 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=googlemail.com; s=gamma;
	h=domainkey-signature:received:received:date:from:to:cc:subject
	:message-id:in-reply-to:references:reply-to:x-mailer:mime-version
	:content-type:content-transfer-encoding;
	bh=38qNOd9E3hS9sbkRb3LFjgG7B/Xtg79Uc7WymonE51k=;
	b=o0Z8+Mnh/j2sDfIt6lEU7FBGe4mE/6VvLLSb7nhHqk1FDeGOg5iXUX5jxkKJ0vxIiB
	5npoRIo746qz0UC5tSAT7GS/OVVQFNGl0L7+eytQXlndAZD39G8g5wmUC090zgwg92ZU
	R3ZuVwVXUtnwWmGUb7MpX0uylfXuLDig2DXrY=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma;
	h=date:from:to:cc:subject:message-id:in-reply-to:references:reply-to
	:x-mailer:mime-version:content-type:content-transfer-encoding;
	b=dNHvFdGc2+sy62uLshaKZr9A9zUYzhi5dFJEyrM6a0R5A7u/6S4Bk05Nd80JMN29u2
	ILbHU6TfRYonqy0mRnZ7PXipuvYH2dIV+1XyUSI3oN71SzppI9t05m4QmGNhyowmjJ86
	zr0asGySjLMc17QlVG+vFJoUUBZ4CNyNdAyPo=
Received: by 10.204.52.138 with SMTP id i10mr2460395bkg.23.1294397894410;
	Fri, 07 Jan 2011 02:58:14 -0800 (PST)
Received: from ernst.jennejohn.org (p578E194D.dip.t-dialin.net [87.142.25.77])
	by mx.google.com with ESMTPS id
	v25sm14096191bkt.18.2011.01.07.02.58.12
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Fri, 07 Jan 2011 02:58:13 -0800 (PST)
Date: Fri, 7 Jan 2011 11:58:11 +0100
From: Gary Jennejohn <gljennjohn@googlemail.com>
To: Craig Leres <leres@ee.lbl.gov>
Message-ID: <20110107115811.12d993b6@ernst.jennejohn.org>
In-Reply-To: <4D268557.2090704@ee.lbl.gov>
References: <4D268557.2090704@ee.lbl.gov>
X-Mailer: Claws Mail 3.7.8 (GTK+ 2.18.7; amd64-portbld-freebsd9.0)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Cc: freebsd-hackers@freebsd.org
Subject: Re: xterm -C and TIOCCONS vs. PRIV_TTY_CONSOLE
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: gljennjohn@googlemail.com
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Jan 2011 10:58:16 -0000

On Thu, 06 Jan 2011 19:15:35 -0800
Craig Leres <leres@ee.lbl.gov> wrote:

> I recently upgraded my desktop from 7.2-RELEASE to 8.1-RELEASE and
> noticed that I no longer get biff messages in my "console" xterm window.
> I traced this to:
> 
>     xterm: cannot open console: Operation not permitted
> 
> and see that the TIOCCONS code in tty_generic_ioctl() is checking for
> PRIV_TTY_CONSOLE. So far so good. But I don't *any* code that ever
> grants PRIV_TTY_CONSOLE! As far as I can tell it's now totally
> impossible to ever set a terminal as a console TTY (even for root). This
> ioctl has been effectively disabled.
> 
> Shouldn't PRIV_TTY_CONSOLE be granted when a user logs onto /dev/ttyvX?
> 

See the reply I just posted to current.

If your xterm is setuid root it does work, because the privilege checking
code doesn't look at the credential passed in.

It's still a bug, but you can work around it.

-- 
Gary Jennejohn