can't see non-root writes to /dev/console
Carlos A. M. dos Santos
unixmania at gmail.com
Sun Oct 12 22:46:32 PDT 2008
On Mon, Oct 13, 2008 at 3:23 AM, Jeremy Chadwick <koitsu at freebsd.org> wrote:
> On Mon, Oct 13, 2008 at 03:16:37AM -0200, Carlos A. M. dos Santos wrote:
>> On Wed, Sep 10, 2008 at 11:54 PM, Carlos A. M. dos Santos
>> <unixmania at gmail.com> wrote:
>> > On Wed, Sep 10, 2008 at 5:34 PM, Jeff Blank <jb000002 at mr-happy.com> wrote:
>> >> I just upgraded a RELENG_7 (amd64) box from 20080714 to "latest"
>> >> (which seems to be from a few days ago--no changes from Monday
>> >> morning's csup to today's) and can no longer see the effect of writing
>> >> to /dev/console as non-root. When I log in using xdm, my user owns
>> >> /dev/console, mode 0622 (-rw--w--w-), and I start an 'xterm -C'. But
>> >> when I, for example,
>> >> echo foo > /dev/console
>> >> I see nothing in the console xterm. No error messages, and echo exits
>> >> 0. If I su to root and do the same, I get 'foo' in the same console
>> >> xterm. Syslog messages to /dev/console also appear, of course. All
>> >> the above applies to xconsole as well, not just xterm. I did
>> >> recompile xterm from 20080616 ports, but it didn't fix the issue
>> >> (didn't expect it to, as xterm clearly has no trouble attaching and
>> >> reading). So my echo is getting lost in the kernel, I guess.
>> >> Known problem? Intentional change? Something else?
>> > I have seen this problem since 6.x times and still on 7.x. I also
>> > noticed that if I send something to the console after xconsole starts
>> > then I can sned messages as an ordinary user. My workaround was
>> > modifying the Xsetup_0 script (I used xdm for login), adding a line
>> > with
>> > (sleep 3; date >> "$dev_console") &
>> > just after starting xconsole.
>> > I didn't have time to set up a machine with 8-CURRENT yet, so I could
>> > not check if the new mp-safe tty implementation fixes this, either
>> > intentionally or by a fortunate side effect.
>> I took some time to look at this again. I'm using 8.0-CURRENT now
>> (GENERIC kernel), csup'ed and compiled yesterday. Xconsole is unable
>> to open the console even if my user & group own /dev/console and the
>> permissions are set to 0622. This happens because of the following
>> code in xconsole.c:
>> 289 int on = 1;
>> 290 if (ioctl (tty_fd, TIOCCONS, (char *) &on) != -1)
>> 291 input = fdopen (pty_fd, "r");
>> The ioctl call fails (EPERM) because only superuser can use TIOCCONS,
>> regardless the ownership of the device. Using xterm with the "-C"
>> argument works because xterm is installed with the setuid flag bit on.
>> So the solution is "chmod +us xconsole".
> Can someone security audit this program before blindly setuid-root'ing
Doing it on my own notebook is not a major concern. The idea of making
it a general solution puts me nervous too. Xconsole itself is very
simple application but it uses a bunch of X libraries that may have
their own security issues. OTOH, xterm uses the same libraries, and
More information about the freebsd-stable