SecurityFocus

aterm 0.4.2 tty permission weakness Jul 13 2004 04:04PM
Maarten Tielemans (TTIelu_DaInfraCrew hotmail com) (4 replies)

Re: [security] aterm 0.4.2 tty permission weakness Jul 14 2004 10:26AM
lorenzo (lagrespan gmail com)

Re: aterm 0.4.2 tty permission weakness Jul 14 2004 09:59AM
Sebastian Hans (hanss in tum de)

Re: aterm 0.4.2 tty permission weakness Jul 14 2004 07:47AM
Armin Wolfermann (aw osn de)

Re: aterm 0.4.2 tty permission weakness Jul 14 2004 04:10AM
Coleman Kane (cokane cokane org)

I'm using aterm 0.4.2 on my gentoo 2004.1 box. It looks like this:

cokane@schizophreniac:~> ls -l /dev/pts/16
crw--w---- 1 cokane tty 136, 16 Jul 14 00:09 /dev/pts/16

That is with mesg y. And I checked, it -is- pts/16.

On Tue, 2004-07-13 at 12:04, Maarten Tielemans wrote:
> Aterm has an issue with creating a terminal.
>
> A quick ls al on a aterm with mesg y shows:
> crw--w--w- 1 alsdk users 5, 3 Jul 13 17:27 /dev/ttyp3
> with mesg n:
> crw-----w- 1 alsdk users 5, 3 Jul 13 17:28 /dev/ttyp3
>
> 1) World (nobody) is able to echo or cat towards the terminal
> echo hello >> /dev/ttyp3
> cat mkdir >> /dev/ttyp3
> 2) The group seems to be incorrect, a normal terminal has default group tty
>
> A xterm with mesg y shows :
> crw--w---- 1 ttielu tty 5, 5 Jul 13 17:27 ttyp5
> and with mesg n :
> crw------- 1 ttielu tty 5, 5 Jul 13 17:27 ttyp5
>
> Advice: use xterm
>
> Bug found by TTIelu, reverse engineered by alsdk and TTIelu

[ reply ]