Debian Bug report logs -
#25847
makedev: /dev/tty[0-9]* shouldn't be world-writeable
Reported by: prak3264@ss1000.ms.mff.cuni.cz
Date: Mon, 17 Aug 1998 18:18:18 UTC
Severity: normal
Fixed in version makedev/2.3.1-59
Done: Bdale Garbee <bdale@gag.com>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org
:
Bug#25847
; Package general
.
(full text, mbox, link).
Acknowledgement sent to prak3264@ss1000.ms.mff.cuni.cz
:
New bug report received and forwarded. Copy sent to debian-devel@lists.debian.org
.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: general
Version: N/A
Note that some of these might be (very) naive:
The log file /var/log/dpkg-mountable is world readable. It might be risky if
some of the configurations scripts asks for some password or like...
---
Is it ok that smail logs containg information about mail delivery are world
readable?
---
The mountpoints /cdrom and /floppy are set to g+wxs. However, I think that
the g+w flag is of no use here, as when a fstab entry with 'user' option
enabled is mounted, the access flags are changed and the mount point is
owned by respective user since then anyway. So the g+w just allows users in
the cdrom and floppy groups to store files on your root partition (when
/cdrom resp. /floppy is not mounted), which I don't consider useful.
I doubt that the g+s is of any use as well, and so is the setting of the
gids of these mountpoints to group cdrom resp. floppy.
---
Is it ok that anybody can use logger (resp. /dev/log) to fill all space in
/var/log?
---
Is it ok that anybody can write to /dev/console (resp. /dev/tty0)?
If not, makedev's devinfo is not ok.
---
Is it ok that currently unused (i.e., no one logged on at the moment, and
getty is waiting there) /dev/tty1-6 are chgrp dialout and chmod 0660? I
thought that dialout is for accessing the modem lines, i.e.,
/dev/ttyS0-4, and I would expect chgrp tty on tty1-6.
---
Is it ok that anybody can write anything to any
other tty (/dev/tty7-63) (fake log messages on /dev/tty8 come in mind) ?
---
Is there some deep purpose for vcs0-6 and vcsa0-6 (i.e., the used ones)
being chgrp sys while others vcs's and vcsa's are chgrp root?
-- System Information
Debian Release: 2.0
Kernel Version: Linux pandora 2.0.35 #1 Sat Aug 1 17:24:40 CEST 1998 i586 unknown
Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@ctv.es>
:
Bug#25847
; Package base-files
.
(full text, mbox, link).
Acknowledgement sent to Santiago Vila <sanvila@unex.es>
:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@ctv.es>
.
(full text, mbox, link).
Message #12 received at 25847@bugs.debian.org (full text, mbox, reply):
Hi.
The following bug (#25847) is currently assigned to base-files:
> The mountpoints /cdrom and /floppy are set to g+wxs. However, I think that
> the g+w flag is of no use here, as when a fstab entry with 'user' option
> enabled is mounted, the access flags are changed and the mount point is
> owned by respective user since then anyway. So the g+w just allows users in
> the cdrom and floppy groups to store files on your root partition (when
> /cdrom resp. /floppy is not mounted), which I don't consider useful.
>
> I doubt that the g+s is of any use as well, and so is the setting of the
> gids of these mountpoints to group cdrom resp. floppy.
I think the submitter is right, and will therefore make /floppy and /cdrom
to be mode 755 and root.root. However, I'm not a guru on mount options.
If there is anybody who find the current permissions useful then please
speak now, before I change them.
[ I'm Cc:ing the former base-files maintainer ].
Thanks.
--
"dbc49d6f9bc68e1a56b1c0f6ba9dcd11" (a truly random sig)
Information forwarded to debian-bugs-dist@lists.debian.org, Santiago Vila <sanvila@ctv.es>
:
Bug#25847
; Package base-files
.
(full text, mbox, link).
Acknowledgement sent to bruce@perens.com (Bruce Perens)
:
Extra info received and forwarded to list. Copy sent to Santiago Vila <sanvila@ctv.es>
.
(full text, mbox, link).
Message #17 received at 25847@bugs.debian.org (full text, mbox, reply):
Permissions on mount points don't seem to make much difference. I was able to
mount a filesystem on a mount point with mode 0, and once mounted the
permissions come from the mounted filesystem, not the mount point.
Thanks
Bruce
Changed Bug title.
Request was from Josip Rodin <joy@cibalia.gkvk.hr>
to control@bugs.debian.org
.
(full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org
:
Bug#25847
; Package general
.
(full text, mbox, link).
Acknowledgement sent to Colin Watson <cjwatson@flatline.org.uk>
:
Extra info received and forwarded to list. Copy sent to debian-devel@lists.debian.org
.
(full text, mbox, link).
Message #26 received at 25847@bugs.debian.org (full text, mbox, reply):
On Mon, 17 Aug 1998 at 19:48:10 +0200, Patrik Rak wrote:
[OK, let's see how many of these are done, nearly three years later ...]
> The log file /var/log/dpkg-mountable is world readable. It might be risky if
> some of the configurations scripts asks for some password or like...
dpkg-mountable has been removed in woody.
> Is it ok that smail logs containg information about mail delivery are world
> readable?
In 1999, rcw suggested this was no longer valid; I don't know enough
about smail to check.
> The mountpoints /cdrom and /floppy are set to g+wxs. However, I think that
> the g+w flag is of no use here, as when a fstab entry with 'user' option
> enabled is mounted, the access flags are changed and the mount point is
> owned by respective user since then anyway. So the g+w just allows users in
> the cdrom and floppy groups to store files on your root partition (when
> /cdrom resp. /floppy is not mounted), which I don't consider useful.
>
> I doubt that the g+s is of any use as well, and so is the setting of the
> gids of these mountpoints to group cdrom resp. floppy.
Fixed, according to the base-files maintainer.
> Is it ok that anybody can use logger (resp. /dev/log) to fill all space in
> /var/log?
There is a section in the syslogd(8) man page describing ways to prevent
this:
SECURITY THREATS
There is the potential for the syslogd daemon to be used
as a conduit for a denial of service attack. Thanks go to
John Morrison (jmorriso@rflab.ee.ubc.ca) for alerting me
to this potential. A rogue program(mer) could very easily
flood the syslogd daemon with syslog messages resulting in
the log files consuming all the remaining space on the
filesystem. Activating logging over the inet domain sock
ets will of course expose a system to risks outside of
programs or individuals on the local machine.
There are a number of methods of protecting a machine:
1. Implement kernel firewalling to limit which hosts
or networks have access to the 514/UDP socket.
2. Logging can be directed to an isolated or non-root
filesystem which, if filled, will not impair the
machine.
3. The ext2 filesystem can be used which can be con
figured to limit a certain percentage of a filesys
tem to usage by root only. NOTE that this will
require syslogd to be run as a non-root process.
ALSO NOTE that this will prevent usage of remote
logging since syslogd will be unable to bind to the
514/UDP socket.
4. Disabling inet domain sockets will limit risk to
the local machine.
5. Use step 4 and if the problem persists and is not
secondary to a rogue program/daemon get a 3.5 ft
(approx. 1 meter) length of sucker rod* and have a
chat with the user in question.
Sucker rod def. -- 3/4, 7/8 or 1in. hardened steel
rod, male threaded on each end. Primary use in the
oil industry in Western North Dakota and other
locations to pump 'suck' oil from oil wells. Sec
ondary uses are for the construction of cattle feed
lots and for dealing with the occasional recalci
trant or belligerent individual.
> Is it ok that anybody can write to /dev/console (resp. /dev/tty0)?
> If not, makedev's devinfo is not ok.
/dev/console is now created with mode 0600.
> Is it ok that currently unused (i.e., no one logged on at the moment, and
> getty is waiting there) /dev/tty1-6 are chgrp dialout and chmod 0660? I
> thought that dialout is for accessing the modem lines, i.e.,
> /dev/ttyS0-4, and I would expect chgrp tty on tty1-6.
They're root:root mode 0600 on my system, but I'm running mingettys.
Anybody?
> Is it ok that anybody can write anything to any
> other tty (/dev/tty7-63) (fake log messages on /dev/tty8 come in mind) ?
If you use a tty for logging, you should probably restrict its
permissions ... your changes should be preserved.
> Is there some deep purpose for vcs0-6 and vcsa0-6 (i.e., the used ones)
> being chgrp sys while others vcs's and vcsa's are chgrp root?
MAKEDEV creates them all root:root mode 0600 now (at least looking at my
recently installed laptop).
If #2 is really done, and if #6 is the same for gettys as for mingettys,
then all of the other concerns seem to have been addressed by now. Can
we close this bug? Otherwise we should reassign it to whichever
package(s) still have problems.
Cheers,
--
Colin Watson [cjwatson@flatline.org.uk]
Information forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org
:
Bug#25847
; Package general
.
(full text, mbox, link).
Acknowledgement sent to Ian Eure <ieure@debian.org>
:
Extra info received and forwarded to list. Copy sent to debian-devel@lists.debian.org
.
(full text, mbox, link).
Message #31 received at 25847@bugs.debian.org (full text, mbox, reply):
On Mon, 9 Jul 2001, Colin Watson wrote:
> On Mon, 17 Aug 1998 at 19:48:10 +0200, Patrik Rak wrote:
>
> [snip]
>
> > Is it ok that currently unused (i.e., no one logged on at the moment, and
> > getty is waiting there) /dev/tty1-6 are chgrp dialout and chmod 0660? I
> > thought that dialout is for accessing the modem lines, i.e.,
> > /dev/ttyS0-4, and I would expect chgrp tty on tty1-6.
>
> They're root:root mode 0600 on my system, but I'm running mingettys.
> Anybody?
>
root:tty, 0666 on my three systems. one potato, one woody, one sid
w/devfs. should probably be 0660.
> > Is it ok that anybody can write anything to any
> > other tty (/dev/tty7-63) (fake log messages on /dev/tty8 come in mind) ?
>
> If you use a tty for logging, you should probably restrict its
> permissions ... your changes should be preserved.
>
> > Is there some deep purpose for vcs0-6 and vcsa0-6 (i.e., the used ones)
> > being chgrp sys while others vcs's and vcsa's are chgrp root?
>
> MAKEDEV creates them all root:root mode 0600 now (at least looking at my
> recently installed laptop).
>
/dev/vcs? & /dev/vcsa? files are root:root, 0600 on all my systems.
Information forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org
:
Bug#25847
; Package general
.
(full text, mbox, link).
Acknowledgement sent to Ethan Benson <erbenson@alaska.net>
:
Extra info received and forwarded to list. Copy sent to debian-devel@lists.debian.org
.
(full text, mbox, link).
Message #36 received at 25847@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
On Mon, Jul 09, 2001 at 06:49:54PM +0100, Colin Watson wrote:
>
> They're root:root mode 0600 on my system, but I'm running mingettys.
> Anybody?
getty in woody and potato changes the permissions to 622. mingetty
correctly changes them to 0600.
> > Is it ok that anybody can write anything to any
> > other tty (/dev/tty7-63) (fake log messages on /dev/tty8 come in mind) ?
>
> If you use a tty for logging, you should probably restrict its
> permissions ... your changes should be preserved.
this is a more serious bug then that, it was fixed but is now unfixed
(i just rm -fed all my tty[0-9]* devices and reran MADEDEV console,
all ttys were created 0666). bug#77168
makedev (2.3.1-48) unstable; urgency=low
* tighten up permissions on /dev/tty[0-XX] and /dev/kbd, closes: #77168
-- Bdale Garbee <bdale@gag.com> Sat, 25 Nov 2000 09:45:42 -0700
> If #2 is really done, and if #6 is the same for gettys as for mingettys,
> then all of the other concerns seem to have been addressed by now. Can
> we close this bug? Otherwise we should reassign it to whichever
> package(s) still have problems.
getty should be fixed, and makedev should refix bug#77168
--
Ethan Benson
http://www.alaska.net/~erbenson/
[Message part 2 (application/pgp-signature, inline)]
Information forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org
:
Bug#25847
; Package general
.
(full text, mbox, link).
Acknowledgement sent to dlc@aol.net (David L. Craig)
:
Extra info received and forwarded to list. Copy sent to debian-devel@lists.debian.org
.
(full text, mbox, link).
Message #41 received at 25847@bugs.debian.org (full text, mbox, reply):
Ethan Benson wrote:
> this is a more serious bug then that, it was fixed but is now unfixed
> (i just rm -fed all my tty[0-9]* devices and reran MADEDEV console,
> all ttys were created 0666). bug#77168
>
> makedev (2.3.1-48) unstable; urgency=3Dlow
>
> * tighten up permissions on /dev/tty[0-XX] and /dev/kbd, closes: #77168
>
> -- Bdale Garbee <bdale@gag.com> Sat, 25 Nov 2000 09:45:42 -0700
>
>
> > If #2 is really done, and if #6 is the same for gettys as for mingettys,
> > then all of the other concerns seem to have been addressed by now. Can
> > we close this bug? Otherwise we should reassign it to whichever
> > package(s) still have problems.
>
> getty should be fixed, and makedev should refix bug#77168
Hmmmm... I usually am within two weeks of Sid updates, but
my tty devices are mostly mtimed to when I first installed
Debian. Some have been updated, due to maintenance or
active use, I presume, but the permissions are, well,
interesting. Here's everything, with entries that are
identical save for name and maj/min diffs elided. Question:
do updates to MAKEDEV automatically rebuild all /dev entries?
crw-rw-rw- 1 root tty 2, 176 Nov 30 2000 /dev/ptya0
...
crw-rw-rw- 1 root tty 2, 175 Nov 30 2000 /dev/ptyzf
crw-rw-rw- 1 root tty 5, 0 Jun 18 13:07 /dev/tty
crw------- 1 dlc dlc 4, 0 Jun 18 13:07 /dev/tty0
crw------- 1 root tty 4, 1 Jul 10 07:01 /dev/tty1
crw-rw-rw- 1 root tty 4, 10 Nov 30 2000 /dev/tty10
...
crw-rw-rw- 1 root tty 4, 19 Nov 30 2000 /dev/tty19
crw------- 1 root root 4, 2 Jul 10 06:57 /dev/tty2
crw-rw-rw- 1 root tty 4, 20 Nov 30 2000 /dev/tty20
...
crw-rw-rw- 1 root tty 4, 29 Nov 30 2000 /dev/tty29
crw------- 1 root root 4, 3 Jul 10 06:57 /dev/tty3
crw-rw-rw- 1 root tty 4, 30 Nov 30 2000 /dev/tty30
...
crw-rw-rw- 1 root tty 4, 39 Nov 30 2000 /dev/tty39
crw------- 1 root root 4, 4 Jul 10 06:57 /dev/tty4
crw-rw-rw- 1 root tty 4, 40 Nov 30 2000 /dev/tty40
...
crw-rw-rw- 1 root tty 4, 49 Nov 30 2000 /dev/tty49
crw------- 1 root root 4, 5 Jul 10 06:57 /dev/tty5
crw-rw-rw- 1 root tty 4, 50 Nov 30 2000 /dev/tty50
crw-rw-rw- 1 root tty 4, 59 Nov 30 2000 /dev/tty59
...
crw------- 1 dlc tty 4, 6 Jul 10 07:02 /dev/tty6
crw-rw-rw- 1 root tty 4, 60 Nov 30 2000 /dev/tty60
...
crw-rw-rw- 1 root tty 4, 63 Nov 30 2000 /dev/tty63
crw-rw-rw- 1 dlc dlc 4, 7 Nov 30 2000 /dev/tty7
crw-rw-rw- 1 root tty 4, 8 Nov 30 2000 /dev/tty8
crw-rw-rw- 1 root tty 4, 9 Nov 30 2000 /dev/tty9
crw-rw---- 1 root dialout 4, 64 Nov 30 2000 /dev/ttyS0
crw-rw---- 1 root dialout 4, 65 Nov 30 2000 /dev/ttyS1
crw-rw---- 1 root dialout 4, 66 Nov 30 2000 /dev/ttyS2
crw-rw---- 1 root dialout 4, 67 Nov 30 2000 /dev/ttyS3
crw-rw-rw- 1 root tty 3, 176 Nov 30 2000 /dev/ttya0
crw-rw-rw- 1 root tty 3, 255 Nov 30 2000 /dev/ttyef
...
crw-rw-rw- 1 root tty 3, 0 Jun 18 15:33 /dev/ttyp0
crw-rw-rw- 1 root tty 3, 1 Nov 30 2000 /dev/ttyp1
...
crw-rw-rw- 1 root tty 3, 175 Nov 30 2000 /dev/ttyzf
Information forwarded to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org
:
Bug#25847
; Package general
.
(full text, mbox, link).
Acknowledgement sent to Ethan Benson <erbenson@alaska.net>
:
Extra info received and forwarded to list. Copy sent to debian-devel@lists.debian.org
.
(full text, mbox, link).
Message #46 received at 25847@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
On Tue, Jul 10, 2001 at 08:07:58AM -0400, David L. Craig wrote:
>
> Hmmmm... I usually am within two weeks of Sid updates, but
> my tty devices are mostly mtimed to when I first installed
> Debian. Some have been updated, due to maintenance or
> active use, I presume, but the permissions are, well,
> interesting. Here's everything, with entries that are
> identical save for name and maj/min diffs elided. Question:
> do updates to MAKEDEV automatically rebuild all /dev entries?
no, when you change permissions on something they are generally
preserved by makedev. but i rm -f'ed all my tty devices:
root@chrooted root# cd /dev/
root@chrooted dev# rm -f tty[0-9]* # wheeee ;-)
root@chrooted dev# ls -l tty2
ls: tty2: No such file or directory
root@chrooted dev# ./MAKEDEV console
root@chrooted dev# ls -l tty2
crw-rw-rw- 1 root tty 4, 2 Jul 10 05:13 tty2
root@chrooted dev# ls -l tty30
crw-rw-rw- 1 root tty 4, 30 Jul 10 05:13 tty30
root@chrooted dev# ls -l tty12
crw-rw-rw- 1 root tty 4, 12 Jul 10 05:13 tty12
root@chrooted dev# dpkg -s makedev | grep ^Ver
Version: 2.3.1-53
root@chrooted dev#
--
Ethan Benson
http://www.alaska.net/~erbenson/
[Message part 2 (application/pgp-signature, inline)]
Bug reassigned from package `general' to `makedev'.
Request was from Colin Watson <cjwatson@debian.org>
to control@bugs.debian.org
.
(full text, mbox, link).
Changed Bug title.
Request was from Colin Watson <cjwatson@debian.org>
to control@bugs.debian.org
.
(full text, mbox, link).
Reply sent to Bdale Garbee <bdale@gag.com>
:
You have taken responsibility.
(full text, mbox, link).
Notification sent to prak3264@ss1000.ms.mff.cuni.cz
:
Bug acknowledged by developer.
(full text, mbox, link).
Message #55 received at 25847-close@bugs.debian.org (full text, mbox, reply):
We believe that the bug you reported is fixed in the latest version of
makedev, which is due to be installed in the Debian FTP archive:
makedev_2.3.1-59.diff.gz
to pool/main/m/makedev/makedev_2.3.1-59.diff.gz
makedev_2.3.1-59.dsc
to pool/main/m/makedev/makedev_2.3.1-59.dsc
makedev_2.3.1-59_all.deb
to pool/main/m/makedev/makedev_2.3.1-59_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 25847@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bdale Garbee <bdale@gag.com> (supplier of updated makedev package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 6 Jul 2002 10:31:04 -0600
Source: makedev
Binary: makedev
Architecture: source all
Version: 2.3.1-59
Distribution: unstable
Urgency: low
Maintainer: Bdale Garbee <bdale@gag.com>
Changed-By: Bdale Garbee <bdale@gag.com>
Description:
makedev - Creates device files in /dev.
Closes: 25847 30809 69056 141391 147144 147324 151684
Changes:
makedev (2.3.1-59) unstable; urgency=low
.
* add 'sunmouse' to generic-arm, closes: #141391
* add hd[abcd] to generic-hppa
* 2.3.1-48 tightened permissions on (virtual) consoles, but not allp ways
the devices could be created were caught. finish cleaning up console
permissions, simplifying things a bit in the process, closes: #25847
* patches from Ian Zimmerman <itz@speakeasy.org> to eliminate dependencies
on programs that live in /usr/bin, closes: #147144
* rewritten man page for MAKEDEV from Chris Tillman, a vast improvement!
closes: #147324, #30809, #69056
* fix bashisms in first() and second(), closes: #151684
Files:
0c9ba4588bf5bb405e76b7ea8c89a751 554 base required makedev_2.3.1-59.dsc
0bd4f0206fc0ef488a8ce4536a667b59 41200 base required makedev_2.3.1-59.diff.gz
f329e2d4ea61a36c8dd02aac39f15682 35710 base required makedev_2.3.1-59_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9JykPZKfAp/LPAagRAqhzAJ9GHzK+lFWY0IfwfKRzBFUFzyFiaQCghYJn
GvHUoVA9MNrxUgcNyJ9Wsf4=
=brcH
-----END PGP SIGNATURE-----
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Apr 17 22:23:00 2024;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.