Re: Security implications of tty group?
Florian Weimer wrote: > In other words, the warning makes perfect sense. Would it also be secure if (as the submitter of #349578 writes): > The tty is /dev/pts/* and is always owned and group-owned by me. ? That is, should the warning be suppressed in that case? -- Thomas -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Security implications of tty group?
Hello, security experts. In #349578 it is claimed that the mesg program should not warn if a tty device node fails to belong to group "tty". What are the security implications of a tty device node failing to belong to group "tty"? Please CC: me as I am not subscribed to this list. -- Thomas Hood -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Security implications of allowing init to re-exec from another path
For the record, we didn't add this feature. The person who requested it found that he could bind-mount a different executable over /sbin/init instead. -- Thomas Hood -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Security implications of allowing init to re-exec from another path
Hello security experts. In #345741 the submitter has requested that /sbin/init be enhanced such that it can be re-executed from another path. The idea is that "telinit -e INIT_PROG=/path/to/other/init" could be done prior to "telinit u". Reasons for introducing this feature are given in the discussion of #345741. Obviously not just anyone can do "telinit -e". So it sounds safe. Nevertheless the sysvinit maintainers thought it would be a good idea to ask here whether anyone sees any security problems arising from this feature. -- Thomas Hood -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]