Bug#1087496: util-linux: mesg, write and wall unclean status
Vincent Lefevre
vincent at vinc17.net
Fri Dec 13 10:48:48 GMT 2024
On 2024-12-13 11:31:24 +0100, Chris Hofstaedtler wrote:
> * Jakub Wilk <jwilk at jwilk.net> [241211 19:09]:
> > * Chris Hofstaedtler <zeha at debian.org>, 2024-11-14 20:57:
> > > As far as I can tell, the default for /dev/tty* is mode 0620, and the
> > > group owner being tty. No users should be part of that group.
> >
> > There's at least nwall, which is setgid tty:
> >
> > $ ls -l /usr/bin/nwall
> > -r-xr-sr-x 1 root tty 17988 Nov 14 21:30 /usr/bin/nwall
>
> I don't quite understand why nwall is relevant here. It is a program
> that is installed by root. It still does not make a random user be
> part of the tty group.

But since it is setgid tty, users who have "w" for the group on the
tty device will be allowed to receive messages from any other user,
won't they?

And the write permission for the group was controlled by the mesg
command.

> > > So no, you don't need to remove the +w part from the tty group.
> >
> > Yes, you do.
>
> systemd could probably change its compiled-in 0620 setting to 0600.
> CCing systemd@ for that.

This means that users will not be able to receive messages from
non-root users with nwall.

--
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
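
An added example, not part of this message or of util-linux or systemd code: a shell check of the permission logic discussed in the thread, classifying a terminal device by the mode and group owner that decide whether setgid-tty programs such as nwall can write to it. The function names are illustrative, and GNU `stat -c` is assumed.

```shell
#!/bin/sh
# Added example; classify_tty_mode and audit_tty are illustrative names.

# classify_tty_mode MODE GROUP
#   MODE   octal permissions as printed by `stat -c %a` (e.g. 620)
#   GROUP  name of the device's group owner
# Prints who, besides the owner and root, can write to the terminal.
classify_tty_mode() {
    perm=$((0$1))                        # leading 0: parse as octal
    if [ $((perm & 0002)) -ne 0 ]; then
        echo "world-writable"            # any process can write
    elif [ $((perm & 0020)) -ne 0 ] && [ "$2" = "tty" ]; then
        echo "setgid-tty-writable"       # the 0620 case from the thread
    elif [ $((perm & 0020)) -ne 0 ]; then
        echo "group-writable"            # g+w, but the group is not tty
    else
        echo "closed"                    # the 0600 case from the thread
    fi
}

# audit_tty DEVICE: classify an existing device node or file.
audit_tty() {
    info=$(stat -c '%a %G' "$1") || return 1
    classify_tty_mode "${info% *}" "${info#* }"
}

# Run the audit only when asked: sh tty_audit.sh --audit
if [ "${1:-}" = "--audit" ]; then
    dev=$(tty) || { echo "not on a terminal" >&2; exit 1; }
    echo "$dev: $(audit_tty "$dev")"
    # Programs that gain group tty when run by any user.
    find /usr/bin /usr/sbin -type f -perm -2000 -group tty 2>/dev/null
fi
```
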