Re: A requirement for the current user to own ttys

2017-03-11 Thread Egmont Koblinger
Hi, On Sun, Mar 12, 2017 at 12:54 AM, Key Offecka wrote: > > if the user (the real user, not the effective one) is root then permission > check is successful > else > if the user owns the resource then permission check is successful > else > if the user belongs to

Re: A requirement for the current user to own ttys

2017-03-11 Thread Key Offecka
Hi, > You did mention "sudo" a couple of times Yes, I did. And maybe even more times, but I never told about extra rights obtained by a user just because of sudoing. > You keep talking about "first" and "second" user, in order to have these you must switch user by some means And I told you, in

Re: A requirement for the current user to own ttys

2017-03-11 Thread Egmont Koblinger
Hi, On Sat, Mar 11, 2017 at 7:50 PM, Konstantin I. wrote: > Hi, > > > Nope. Via "sudo", the first user is allowed to execute certain commands > on behalf of the second, not the other way around. > > I didn't say "via sudo" > You did mention "sudo" a couple of times. You

Re: A requirement for the current user to own ttys

2017-03-11 Thread Konstantin I.
Hi, Nope. Via "sudo", the first user is allowed to execute certain commands on behalf of the second, not the other way around. I didn't say "via sudo" I said: the second user (`ghost` in this example) is authorised to act on behalf of `echo`. How it's done is irrelevant. You mentioned

Re: A requirement for the current user to own ttys

2017-03-11 Thread Egmont Koblinger
Hi, The requirement here is that the second user (`ghost` in this example) is > authorised to act on behalf of `echo`. > Nope. Via "sudo", the first user is allowed to execute certain commands on behalf of the second, not the other way around. During this, the second user doesn't have any access

Re: A requirement for the current user to own ttys

2017-03-11 Thread Key Offecka
Hi Egmont, > What do you mean the tty owner is the _problem_? What kind of problem? Please excuse me, I wasn't quite correct there. Let's forget about permissions and TTYs. Let's look at the issue from the user point of view. Please consider this case: There is a user, say `echo` and there is

Re: A requirement for the current user to own ttys

2017-03-11 Thread Egmont Koblinger
Hi, > All you say about vcs* sounds reasonable, unfortunately according to the code, the tty owner is the problem. What do you mean the tty owner is the _problem_? What kind of problem? I believe it's not the _problem_, it's the piece of information we rely on to figure out if cons.saver is