SetGroup Write command
guyton%rand-unix at sri-unix.UUCP
guyton%rand-unix at sri-unix.UUCP
Mon Jul 11 10:55:00 AEST 1983
I plugged this hole here a little over a year ago by making the
ttys owned by a special group "write", and had the write command
be setgid to that group. Seems to make more sense to me than yet
another setuid-root program floating around.
In case you want to do the same thing, the changes were:
/etc/group: added "write" group with no logins. Only for write pgm!
write.c: closed other terminal before exec of shell
write.c: set group id back to real id before exec of shell
write.c: map outgoing control characters into ^X form
write.c: stat checks now for 020 bit instead of 002 bit
login.c: change of tty group to "write" group. chmod to 620
mesg.c: change to use 020 bit instead of 022
finger.c: checks for stat 0220 instead of 0222 for "messages off" logic
-- Jim Guyton
More information about the Comp.unix.wizards
mailing list