Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!cs.utexas.edu!uunet!rhlab!kuhn
From: kuhn@rhlab.UUCP (Mike Kuhn)
Newsgroups: comp.unix.questions
Subject: UID ownership of cooperating tty
Keywords: file ownership, SUID root
Message-ID: <154@rhlab.UUCP>
Date: 27 Sep 90 14:50:35 GMT
Distribution: usa
Organization: Baltimore Rh Laboratory, Inc., Maryland
Lines: 23


I need to know the best/safest/only way to assign ownership of a
cooperating tty to UID of the users login terminal. I basically feel that
the solution I have (using the SUID and root) seems inappropriate for a
SIMPLE application.

Application: User starts a program that will interact with a  laboratory
device. Data regarding the device is displayed on the screen. Input from
the device comes through a cooperating tty (getty turned off) which the
application is reading from. Requests for output to the device can originate
on the users keyboard or via a keypad that is connected to the laboratory
device. Application basically polls the keyboard and keypad looking for
input. Commands are then written to cooperating tty to direct laboratory
device.

To change ownership of the cooperating tty requires:

1. Application must be SUID root.
2. Program changes ownership of /dev/tty?? to real UID.

Do I really need SUID root? How should the application be written to get me
this privilege without risking security problems of SUID root.?