Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cornell!uw-beaver!rice!sun-spots-request
From: auspex!guy@uunet.uu.net (Guy Harris)
Newsgroups: comp.sys.sun
Subject: Re: 4.0 in.telnetd is improperly restoring tty group ownership on exit
Keywords: SunOS
Message-ID: <1146@auspex.UUCP>
Date: 23 Mar 89 21:09:22 GMT
References: <8902201841.AA09835@mycroft.capmkt.com>
Sender: usenet@rice.edu
Organization: Auspex Systems, Santa Clara
Lines: 40
Approved: Sun-Spots@rice.edu
Original-Date: 11 Mar 89 00:37:07 GMT
X-Sun-Spots-Digest: Volume 7, Issue 209, message 5 of 13

> 'talk', 'write', 'wall', and other programs which expect to write
> on a user's tty are now set-GID to group "tty".
> 'login' sets the mode of a user's tty to be group-writable but not
> world-writable when the user logs in.
> 'in.telnetd' sets the group-ownership of the pty it's been using to
> GID 0 ("wheel") on exit.
>
>The first two above are apparently to keep random users from writing to
>your screen except through "approved" channels (which must now be set-GID
>to group "tty").

Exactly. Those changes come from 4.3BSD.

>Unfortunately, 'login' doesn't check this, it just assumes it to be
>true.

Not true. I just tried it on a 4.0 system, and it not only changed the owner of the pseudo-tty on which I telnetted in to me, it changed the group owner to group "tty".

I checked the 4.3BSD code (from which the SunOS code is derived), and it does, indeed, attempt to change the group ownership of the tty to group "tty". Now, if the "getgrnam" in "login" (or, at least, the 4.3BSD version of same) that tries to look up group "tty" in order to find its group ID fails, it changes the group owner to the user's "default group" (the one in the password file) instead; perhaps "/etc/group", or the YP map for it, is missing a "tty" entry or is inaccessible?

>The problem is, 'in.telnetd'...sets the group ownership of the pty it
>was using to GID 0 apparently in a misguided attempt to "clean
>up" after itself.

If you think it's misguided, I suggest you talk to the 4.xBSD folks at Berkeley about it, since not only does the 4.3BSD version do this, the 4.3-tahoe version does as well, so as of when they did the 4.3-tahoe version, they didn't consider it misguided. Asking Sun to change it may result in it being changed in SunOS, but not in 4.xBSD nor in systems other than SunOS that have gotten "telnetd" (or "rlogind" for that matter - it does the same thing) from 4.xBSD....
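
Added example, not part of the original post and not 4.3BSD or SunOS source: a small C check for the tty state discussed in this thread (group owner "tty" with fallback to the user's default group when the lookup fails, group-writable, not world-writable). The function names, the finding flags and the use of getgid() as the "default group" are assumptions of this example.

```c
#include <grp.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Finding flags; names and values are this example's own. */
enum {
    TTY_OK             = 0,
    TTY_WORLD_WRITABLE = 1 << 0, /* writable without a set-GID "tty" program */
    TTY_NOT_GROUP_W    = 1 << 1, /* set-GID "tty" programs cannot write to it */
    TTY_WRONG_GROUP    = 1 << 2  /* group owner is not the one login should set */
};

/* Group login is described as choosing: "tty" when the lookup worked,
 * otherwise the user's default group. gr is getgrnam("tty") or NULL. */
gid_t expected_tty_gid(const struct group *gr, gid_t user_gid)
{
    return gr != NULL ? gr->gr_gid : user_gid;
}

/* Compare a tty's mode and group owner with the policy in the thread. */
int audit_tty(mode_t mode, gid_t owner_gid, gid_t expected_gid)
{
    int findings = TTY_OK;
    if (mode & S_IWOTH)
        findings |= TTY_WORLD_WRITABLE;
    if (!(mode & S_IWGRP))
        findings |= TTY_NOT_GROUP_W;
    if (owner_gid != expected_gid)
        findings |= TTY_WRONG_GROUP;
    return findings;
}

int main(void)
{
    const char *tty = ttyname(STDIN_FILENO);
    struct stat st;
    if (tty == NULL || stat(tty, &st) != 0) {
        fprintf(stderr, "stdin is not a terminal\n");
        return 2;
    }
    /* Assumption: the process's real GID is the password-file default group. */
    int findings = audit_tty(st.st_mode, st.st_gid,
                             expected_tty_gid(getgrnam("tty"), getgid()));
    printf("%s: mode %04o gid %ld findings 0x%x\n", tty,
           (unsigned)(st.st_mode & 07777), (long)st.st_gid, (unsigned)findings);
    return findings == TTY_OK ? 0 : 1;
}
```

A TTY_WRONG_GROUP finding on a system where the "tty" lookup returns NULL points at the missing or inaccessible group entry suggested in the reply above.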