Where does getty get its information?
Geoff Coleman
geoff at edm.uucp
Fri Apr 12 08:21:23 AEST 1991
In article <6533 at awdprime.UUCP> jfh at greenber.austin.ibm.com (John F Haugh II) writes:
>In article <1991Apr08.154742.19459 at edm.uucp> geoff at edm.uucp (Geoff Coleman) writes:
>> There is an APAR in for this problem and I believe a fix is also
>>now available which will allow permissions for ports to stay at 0666.
>>
>> For the last time SUID is not a fix!!!!!!!!!!!!!!!!
>
>
>Accessibility and security are opposites. Serial ports should be secure
>since they are the mechanism used to gain access to the system. That
>means that changes which make them more accessible generally will make
>the system less "secure".
>--
I guess I should have made myself clearer by saying SUID to root
is not a fix. To tell somenone to set kermit to suid is asking for trouble.
Kermit can and wille scape to shells etc.
What I've been asking for is to allow someone other than root to
own the ports but not just anybody. If I could have uucp own my
bi-directional ports with permission 0660 and owned by uucp I would be
happy. I can do this on SYS V r3 why not in AIX.
In conclusion neither suid to root nor 0666 permissions on a port
is an acceptable fix.
Geoff Coleman
Unexsys Systems
>John F. Haugh II | I've Been Moved | MaBellNet: (512) 838-4340
>SneakerNet: 809/1D064 | AGAIN ! | VNET: LCCB386 at AUSVMQ
>BangNet: ..!cs.utexas.edu!ibmchs!auschs!snowball.austin.ibm.com!jfh (e-i-e-i-o)
More information about the Comp.unix.aix
mailing list