For mgetty users with non-trusted shell logins

• Messages sorted by:[ date ][ thread ][ subject ][ author ]

Hi,

On Fri, Jan 29, 1999 at 01:17:24PM +0100, Marc SCHAEFER wrote:
> Gert, another question: do you do a vhangup() or equivalent before
> changing to 600 ?  

No, but *before* chmod, this wouldn't be useful anyway.  Doing it 
afterwards would be - and you can achieve that with EXEC_FUSER now.

> No you basically can't, except if vhangup() doesn't
> kill the fd itself. If you can't, then it's another troyan possibility
> for people allowed to dial out through group.
> (although this time it competes with mgetty for accessing the port).
> Or do you open exclusively ?

No exclusive open, but that's the same race condition as before...

gert
-- 
Gert Doering
Mobile communications ... right now writing from *AWAY* :-)) 
... mobile phone: +49 177 2160221 ... or mail me:  gert@greenie.muc.de