Re: recent gpm DoS issue

2000-07-31 Thread Ignacio Arenaza
> "Ethan" == Ethan Benson <[EMAIL PROTECTED]> writes: Ethan> i just tried changing the permissions on /dev/gpmctl to Ethan> mode 0600 root.root and gpm still works just fine, at least Ethan> for what i use it for (simple copy and paste

Re: recent gpm DoS issue

2000-07-31 Thread Ignacio Arenaza
> "Ethan" == Ethan Benson <[EMAIL PROTECTED]> writes: Ethan> i just tried changing the permissions on /dev/gpmctl to Ethan> mode 0600 root.root and gpm still works just fine, at least Ethan> for what i use it for (simple copy and past

Re: recent gpm DoS issue

2000-07-30 Thread Jacob Kuntz
Ethan Benson ([EMAIL PROTECTED]) wrote: > there is another point, how necessary is it for gpm to run as root? the DoS has nothing to do with executing naughty code, but with mucking around with the mouse itself. gpm reads from the serial port, and writes to /dev/vcs* (i think). so making gpm run a

Re: recent gpm DoS issue

2000-07-30 Thread Ethan Benson
On Mon, Jul 31, 2000 at 03:07:38AM +, Jim Breton wrote: > On Sat, Jul 29, 2000 at 02:41:51PM -0800, Ethan Benson wrote: > > we we could just fix the DoS in gpm, no? > > Presumably so, though I'm not sure how the internals of gpm work... it > is conceivable that any data written to that socket

Re: recent gpm DoS issue

2000-07-30 Thread Jim Breton
On Sat, Jul 29, 2000 at 02:41:51PM -0800, Ethan Benson wrote: > we we could just fix the DoS in gpm, no? Presumably so, though I'm not sure how the internals of gpm work... it is conceivable that any data written to that socket in the right format (or whatever) would be read as valid by the gpm pr

Re: recent gpm DoS issue

2000-07-30 Thread Jacob Kuntz
Ethan Benson ([EMAIL PROTECTED]) wrote: > there is another point, how necessary is it for gpm to run as root? the DoS has nothing to do with executing naughty code, but with mucking around with the mouse itself. gpm reads from the serial port, and writes to /dev/vcs* (i think). so making gpm run

Re: recent gpm DoS issue

2000-07-30 Thread Jim Breton
On Sat, Jul 29, 2000 at 02:41:51PM -0800, Ethan Benson wrote: > we we could just fix the DoS in gpm, no? Presumably so, though I'm not sure how the internals of gpm work... it is conceivable that any data written to that socket in the right format (or whatever) would be read as valid by the gpm p

Re: recent gpm DoS issue

2000-07-29 Thread Ethan Benson
On Sat, Jul 29, 2000 at 02:41:51PM -0800, Ethan Benson wrote: > On Sat, Jul 29, 2000 at 03:37:30AM +, Jim Breton wrote: > > > > Yup. Until we have a package which sets restricted permissions on its > > own, when it creates the socket. :-{ > > we we could just fix the DoS in gpm, no? i just

Re: recent gpm DoS issue

2000-07-29 Thread Ethan Benson
On Sat, Jul 29, 2000 at 03:37:30AM +, Jim Breton wrote: > > Yup. Until we have a package which sets restricted permissions on its > own, when it creates the socket. :-{ we we could just fix the DoS in gpm, no? -- Ethan Benson http://www.alaska.net/~erbenson/

Re: recent gpm DoS issue

2000-07-29 Thread Ethan Benson
On Sat, Jul 29, 2000 at 02:41:51PM -0800, Ethan Benson wrote: > On Sat, Jul 29, 2000 at 03:37:30AM +, Jim Breton wrote: > > > > Yup. Until we have a package which sets restricted permissions on its > > own, when it creates the socket. :-{ > > we we could just fix the DoS in gpm, no? i jus

Re: recent gpm DoS issue

2000-07-29 Thread Ethan Benson
On Sat, Jul 29, 2000 at 03:37:30AM +, Jim Breton wrote: > > Yup. Until we have a package which sets restricted permissions on its > own, when it creates the socket. :-{ we we could just fix the DoS in gpm, no? -- Ethan Benson http://www.alaska.net/~erbenson/

Re: recent gpm DoS issue

2000-07-28 Thread Ethan Benson
On Fri, Jul 28, 2000 at 08:11:12AM +, Jim Breton wrote: > On Thu, Jul 27, 2000 at 11:56:03PM -0800, Ethan Benson wrote: > > pam_group is only relatively secure if your system is installed and > > configured a certain way: > > Yup, some of that is mentioned in the documentation... nevertheless,

Re: recent gpm DoS issue

2000-07-28 Thread Zak Kipling
On Fri, 28 Jul 2000, Jim Breton wrote: > And the file only exists while gpm is running (it's removed when you > stop gpm) so I am guessing it is the socket through which clients read > mouse data. Isn't that /dev/gpmdata? -- Zak Kipling, Girton College, Cambridge. "As long as the superstition

Re: recent gpm DoS issue

2000-07-28 Thread Jim Breton
On Thu, Jul 27, 2000 at 11:56:03PM -0800, Ethan Benson wrote: > pam_group is only relatively secure if your system is installed and > configured a certain way: Yup, some of that is mentioned in the documentation... nevertheless, it would be a big improvement over making the socket world-writable.

Re: recent gpm DoS issue

2000-07-28 Thread Ethan Benson
On Fri, Jul 28, 2000 at 06:53:51AM +, Jim Breton wrote: > Do we have any plans in the works for a fix similar to what Red Hat are > doing? > > Running potato here, and the permissions on /dev/gpmctl are indeed 777. > > I am thinking about changing the group ownership on mine to "mouse" > (cre

recent gpm DoS issue

2000-07-28 Thread Jim Breton
Do we have any plans in the works for a fix similar to what Red Hat are doing? Running potato here, and the permissions on /dev/gpmctl are indeed 777. I am thinking about changing the group ownership on mine to "mouse" (creating that group) and using the /etc/security/group.conf mechanism to put

Re: recent gpm DoS issue

2000-07-28 Thread Ethan Benson
On Fri, Jul 28, 2000 at 06:53:51AM +, Jim Breton wrote: > Do we have any plans in the works for a fix similar to what Red Hat are > doing? > > Running potato here, and the permissions on /dev/gpmctl are indeed 777. > > I am thinking about changing the group ownership on mine to "mouse" > (cr

recent gpm DoS issue

2000-07-27 Thread Jim Breton
Do we have any plans in the works for a fix similar to what Red Hat are doing? Running potato here, and the permissions on /dev/gpmctl are indeed 777. I am thinking about changing the group ownership on mine to "mouse" (creating that group) and using the /etc/security/group.conf mechanism to put