kde security hole on OpenBSD?

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

kde security hole on OpenBSD?

dfeustel
The permissions of pty's used by kde konsole sessions on OpenBSD never
are properly set for the user to which they are allocated. The permissions of the
pty used by a kde konsole session remain owned by root and globally rw.
This is because the call from konsole to kgrantpty to allocate the pty and to
set the pty ownership and permissions does not seem to connect with OpenBSD's
PTMGET command (man 4 pty) which does these tasks in OpenBSD.

You can see this after starting a few kde konsole sessions by using 'ls -l'
to inspect /dev/ptys[0-9]. The output of the ls command will show the time
that the pty was allocated to the kde konsole session, the global rw permissions,
and root ownership.

Dave Feustel.
--
Lose, v., experience a loss, get rid of, "lose the weight"
Loose, adj., not tight, let go, free, "loose clothing"

Reply | Threaded
Open this post in threaded view
|

Re: kde security hole on OpenBSD?

Marc Espie-2
On Mon, Dec 19, 2005 at 06:59:13AM -0500, Dave Feustel wrote:

> The permissions of pty's used by kde konsole sessions on OpenBSD never
> are properly set for the user to which they are allocated. The permissions of the
> pty used by a kde konsole session remain owned by root and globally rw.
> This is because the call from konsole to kgrantpty to allocate the pty and to
> set the pty ownership and permissions does not seem to connect with OpenBSD's
> PTMGET command (man 4 pty) which does these tasks in OpenBSD.
>
> You can see this after starting a few kde konsole sessions by using 'ls -l'
> to inspect /dev/ptys[0-9]. The output of the ls command will show the time
> that the pty was allocated to the kde konsole session, the global rw permissions,
> and root ownership.
>
> Dave Feustel.

konsole code is a big mess. This is not the actual issue, the actual issue
is that a big part of konsole needs to be specialized on OpenBSD to use
openpty, which will solve all of this.

Reply | Threaded
Open this post in threaded view
|

Re: kde security hole on OpenBSD?

dfeustel
On Monday 19 December 2005 07:58, Marc Espie wrote:

> On Mon, Dec 19, 2005 at 06:59:13AM -0500, Dave Feustel wrote:
> > The permissions of pty's used by kde konsole sessions on OpenBSD never
> > are properly set for the user to which they are allocated. The permissions of the
> > pty used by a kde konsole session remain owned by root and globally rw.
> > This is because the call from konsole to kgrantpty to allocate the pty and to
> > set the pty ownership and permissions does not seem to connect with OpenBSD's
> > PTMGET command (man 4 pty) which does these tasks in OpenBSD.
> >
> > You can see this after starting a few kde konsole sessions by using 'ls -l'
> > to inspect /dev/ptys[0-9]. The output of the ls command will show the time
> > that the pty was allocated to the kde konsole session, the global rw permissions,
> > and root ownership.
> >
> > Dave Feustel.
>
> konsole code is a big mess. This is not the actual issue, the actual issue
> is that a big part of konsole needs to be specialized on OpenBSD to use
> openpty, which will solve all of this.

Sounds Good to me!

Wishing Everyone A Merry Christmas
And A Happy New Year!

Dave Feustel
--
Lose, v., experience a loss, get rid of, "lose the weight"
Loose, adj., not tight, let go, free, "loose clothing"