Xref: utzoo comp.unix.wizards:25382 alt.security:2423
Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!mcsun!ukc!axion!pharaoh!ian
From: ian@pharaoh.UUCP (Ian Crocker)
Newsgroups: comp.unix.wizards,alt.security
Subject: Re: BSD tty security, part 4: What You Can Look Forward To
Summary: TIOCSTI, device ownership
Message-ID: <438@pharaoh.UUCP>
Date: 3 May 91 16:37:14 GMT
References: <13266@goofy.Apple.COM> <7363:May202:45:0591@kramden.acf.nyu.edu> <1991May03.010840.5268@decuac.dec.com>
Organization: British Telecom
Lines: 16

Maybe I am missing something here but I don't see where the security
issue lies.

Sure it is easy to knock up a program that disassociates itself from the
controlling tty using TIOCNOTTY, then attach to another tty that you have
write permission on. However when you try and do the TIOCSTI it fails on
all the systems I have tried it on because you are not the owner of the
device. I know that the manual says it should work as you are trying to do
the ioctl on your control terminal, but this is not the case on my systems -
you have to own the device or have an euid of 0.

Ian.
--
Ian Crocker
NPW-mail : ian@pharaoh
usenet : ian@cyborg.bt.co.uk