ioctl-ability, the TIOCCDTR problem
phil.rice%rand-relay at sri-unix.UUCP
phil.rice%rand-relay at sri-unix.UUCP
Wed Jul 6 11:14:44 AEST 1983
From: Bill.LeFebvre <phil.rice at rand-relay>
Oops! I wasn't thinking clearly when I composed that letter. It was
an idea off the top of my head and I didn't stop to think about the
consequences. I rescind my previous suggestion "allow only the owner
of a terminal to change the terminal mode". But I just can't stop
thinking that somehow the owner of the terminal can be worked into a
solution for this security problem. Perhaps allow only the owner to
change SOME of the terminal modes? No, I'm afraid that's a bit too
hackish for my taste. I quite agree, however, that no matter how many
restrictions you place on ioctl's that change a terminal's state, you
still have the problem of anyone in the world writing any control
sequence they wish to your terminal.
For some reason, setting the terminal to mode 600 and having write and
such set-uid rubs me the wrong way. It must just be the set-uid
paranoia that is running rampant on UN*X systems these days.
Thank you all for staying awake when I was quite obviously asleep at
my terminal!
Bill LeFebvre
CSNet: phil at Rice
ARPAnet: phil.Rice at Rand-Relay
uucp: ...!lbl-csam!rice!phil
More information about the Comp.unix.wizards
mailing list