Date: Mon, 19 May 1997 22:55:20 -0600 (MDT) From: Wes Peters - Softweyr LLC <softweyr@xmission.com> To: gurney_j@resnet.uoregon.edu Cc: questions@freebsd.org Subject: Re: /usr/sbin/wall is suid root. Message-ID: <199705200455.WAA01154@xmission.xmission.com> In-Reply-To: <19970514130407.00511@hydrogen.nike.efn.org> from "John-Mark Gurney" at May 14, 97 01:04:07 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Jonathan Mini wrote:
% Personally, I think that being able to transmit an abatrary string of
% characters to every user's console on the system is a bit of a security
% hole. ANSI keyboard reassignments come to mind.
But it doesn't allow you to write on everyone's terminal, just those
who have set 'mesg y'. See wall(1). (Unless you're root, in which
case you can do *anything*. ;^)
> well.. I think Mini didn't check close enough... but stil... having it
> sgid tty can have adverse side effects... like allowing people to write
> to everyone... (REALLY anoying when you have around 8-15 logins.. :) )
Again, RTFM: wall(1).
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.xmission.com/~softweyr softweyr@xmission.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705200455.WAA01154>