can't see non-root writes to /dev/console
Edwin Groothuis
edwin at mavetju.org
Mon Oct 13 14:22:59 PDT 2008
On Sun, Oct 12, 2008 at 10:23:53PM -0700, Jeremy Chadwick wrote:
> > The ioctl call fails (EPERM) because only superuser can use TIOCCONS,
> > regardless the ownership of the device. Using xterm with the "-C"
> > argument works because xterm is installed with the setuid flag bit on.
> > So the solution is "chmod +us xconsole".
>
> Can someone security audit this program before blindly setuid-root'ing
> it?
Isn't xconsole not just the same values as /var/log/messages ?
So information-leaking-wise it isn't a huge deal. Only the program
itself is now the unknown.
Edwin
--
Edwin Groothuis Website: http://www.mavetju.org/
edwin at mavetju.org Weblog: http://www.mavetju.org/weblog/
More information about the freebsd-stable
mailing list