Delivered-To: mailing list cygwin-developers AT sources DOT redhat DOT com
From: "Robert Collins"
To: "egor duda"
Subject: Re: security hole in tty handling code
Date: Thu, 29 Mar 2001 18:20:55 +1000

----- Original Message -----
From: "Egor Duda"
To: "Robert Collins"
Sent: Thursday, March 29, 2001 5:12 PM
Subject: Re: security hole in tty handling code

> Hi!
>
> Thursday, 29 March, 2001 Robert Collins robert DOT collins AT itdomain DOT com DOT au wrote:
>
> RC> Why not just set the permissions and let the client calls fail if they
> RC> aren't from the same user?
>
> because this will break applications that change user context, such as
> sshd.

Oh. Is there some way we can accomplish the same effect without a server?
Or perhaps the applications can pick up the handles before they change
context?

> RC> I've heard that
> RC> "server" based solutions like you've put together usually fail in
> RC> terminal server environments...
>
> do you have any evidence? anyway, i think it's probably easy to test.
>
> Egor. mailto:deo AT logos-m DOT ru ICQ 5165414 FidoNet 2:5020/496.19
>

Anecdotal at best. However I can pull together a term serv environment
if needed to help test.
One key issue is that you may/will need Global shared objects to make
the server accessible across all logged in user sessions.

Rob