[Pkg-shadow-devel] Bug#59439: login.defs: Should we document why default TTYPERM is 0600?
Christian Perrier
Christian Perrier <bubulle@debian.org>, 59439@bugs.debian.org
Thu, 12 May 2005 18:34:35 +0200
retitle 59439 [DOC] [CHRISTIAN] login.defs: TTYPERM description and defau=
lt are inconsistent
tags 59439 confirmed
thanks
Ben Collins answer to #59439 seems to make sense to me. I tested all
this and, with the default setting of TTYPERM 0600 we have in Debian,
users cannot use write to another user unless that user issues "dmesg
y" in his/her terminal.
This is a secure default which shouldn't probably be changed.
So, the only concernis maybe adding some more comments to
/etc/login.defs:
# In Debian /usr/bin/bsd-write or similar programs are setgid tty
# However, the default and recommended value for TTYPERM is still 0600
# to not allow anyone to write to anyone else console or terminal
# Users can overwrite this setting by using the "dmesg y" command
Colin, does it sound OK for you and enough to fix this bug=A0?
--=20