Xref: utzoo unix-pc.general:7137 comp.sys.att:11421
Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!apple!portal!cup.portal.com!thad
From: thad@cup.portal.com (Thad P Floryan)
Newsgroups: unix-pc.general,comp.sys.att
Subject: Re: mknod or ln (was /dev/syscon)
Message-ID: <37748@cup.portal.com>
Date: 9 Jan 91 00:36:35 GMT
References: <1991Jan8.085610.312@yenta.alb.nm.us>
Organization: The Portal System (TM)
Lines: 26

dt@yenta.alb.nm.us (David B. Thomas)
in <1991Jan8.085610.312@yenta.alb.nm.us> writes:

	Here's one for you hardcores out there.

	In the book "Managing UUCP and USENET" (O'Reilly and assoc), they
	suggest always doing a mknod rather than just linking, when
	associating, say, /dev/modem with /dev/tty000. The reason? In a
	mysterious little footnote, they claim that just linking it can lead
	to a security hole. That's all they say.

	Hmmm....Fermat's last unix security assessment.

	Comments?

Their comment "probably" concerns "ownership" transfer when the device is
assigned to you. Do an "ls -l" on your /dev directory and you'll note that
the tty, pty or window that YOU'RE on has your name and group whereas all the
other "unattached" ones are probably still "root; users" or "root; sys".

It's not clear to me how this would be a major problem as would, for example,
recent discussions in comp.unix.admin concerning clowns who "ln /bin/vi" to a
file in their directory whose ownership is changed nightly by "certain" admin
programs at sites which "chown" all files in a user's directory to that user
for accounting purposes ... once one is made the owner of, say, /bin/vi, one
could easily slip in a Trojan horse.

Thad Floryan [ thad@cup.portal.com (OR) ..!sun!portal!cup.portal.com!thad ]
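
The nightly chown problem described in the post arises because a hard link shares one inode, and therefore one owner, with the original file. As an added example that is not part of the original post, the shell helpers below separate the entries a chown pass can safely touch from those that carry extra links; the function names and the scratch paths are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the post): helpers for a nightly job that
# chowns everything under a home directory to its user.

# Print non-directory entries under $1 that have more than one hard link.
# Such a name may share its inode with a file outside the home directory,
# so chown on it would also change the owner of that other file.
multi_linked() {
    find "$1" -xdev ! -type d -links +1 -print
}

# Print the entries that are safe to hand to chown: directories, plus
# regular files whose only name is the one inside the home directory.
# Symbolic links and device nodes are left out on purpose.
chown_safe_list() {
    find "$1" -xdev \( -type d -o \( -type f -links 1 \) \) -print
}

# Inode number of a path; two names with the same inode on the same
# file system are the same file, with a single owner and mode.
inode_of() {
    ls -di "$1" | awk '{print $1}'
}

# True when both names refer to the same inode (what "ln" produces;
# a separate "mknod" would give the alias an inode of its own).
same_inode() {
    [ "$(inode_of "$1")" = "$(inode_of "$2")" ]
}

# Constructed demo in a scratch directory (no root needed).
demo=$(mktemp -d)
mkdir "$demo/bin" "$demo/home"
echo editor > "$demo/bin/vi"            # stands in for a system binary
echo notes  > "$demo/home/notes"        # ordinary user file
ln "$demo/bin/vi" "$demo/home/myfile"   # second name for the same inode

echo "skip (extra hard links):"
multi_linked "$demo/home"
echo "ok to chown:"
chown_safe_list "$demo/home"
rm -rf "$demo"
```

Hard links cannot cross file systems, so keeping home directories on a different file system from /bin removes the case entirely, whereas the link-count check still leaves a window between find's test and a later chown.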