Debian bug report logs - #1545
`write' can't write to telnet logins

Package: bsdutils? netstd?; Reported by: Ian Jackson <iwj10@cus.cam.ac.uk>; 27 days old.

Message received at debian-bugs:


From cus.cam.ac.uk!iwj10 Fri Oct 13 12:27:57 1995
Return-Path: <iwj10@cus.cam.ac.uk>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t3plt-000BHRC; Fri, 13 Oct 95 12:27 PDT
Received: from bootes.cus.cam.ac.uk by pixar.com with SMTP id AA26183
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Fri, 13 Oct 1995 12:27:32 -0700
Received: by bootes.cus.cam.ac.uk 
	(Smail-3.1.29.0 #36) id m0t3pld-000BzhC; Fri, 13 Oct 95 20:27 BST
Received: by chiark
	id <m0t3pYz-0002ZhZ@chiark.al.cl.cam.ac.uk>
	(Debian /\oo/\ Smail3.1.29.1 #29.33); Fri, 13 Oct 95 20:14 BST
Message-Id: <m0t3pYz-0002ZhZ@chiark.al.cl.cam.ac.uk>
Date: Fri, 13 Oct 95 20:14 BST
From: Ian Jackson <iwj10@cus.cam.ac.uk>
To: debian-bugs@pixar.com
Subject: Re: Bug#1545: write' can't write, tty permissions
In-Reply-To: <199510131700.SAA02571@i17linuxb.ists.pwr.wroc.pl>
References: <m0t3NUK-0002ZbZ@chiark.al.cl.cam.ac.uk>
	<199510131700.SAA02571@i17linuxb.ists.pwr.wroc.pl>

Marek Michalkiewicz writes ("Re: Bug#1545: write' can't write, tty permissions"):
> The problem is the "several other files" (because csh has its own file
> incompatible with /etc/profile).  Ideally there should be a shell script
> executed by login instead of the login shell, which sets up environment,
> mesg y/n, resource limits etc., and then does "exec - $SHELL".

Unfortunately the chances of our being able to arrange this are nearly
zero - there are far too many programs which just run the login shell
directly.

> > I still think that the default, as shipped, should be mesg y.
> > Otherwise users will simply complain when they can't use talk &c.
> 
> One problem with mesg y by default (this may be the reason why SCO
> defaults to mesg n - it's C2, you know, even root can't log in if
> anything is screwed up :-).  Try to write to a user who is logging in
> at the moment (mesg y by default, changed to mesg n later), and if you
> succeed, don't exit write.  You will still be able to write to that
> user's terminal (because permissions are checked on open and never
> later).  This will cause trouble for PPP logins etc.
> 
> Maybe I am too paranoid - this is not very likely to really happen, but
> it is possible.  I don't insist on mesg n (right now there are other,
> more serious problems like /proc and the SAK not always guaranteed to
> work), but I just want to mention one potential problem...

This is a good point.

Hmm, can we find those several files where `mesg y' would have to be
set and set it there ?

Ian.

Acknowledgement sent to Ian Jackson <iwj10@cus.cam.ac.uk>:
Extra info received and forwarded. Full text available.
Information forwarded to debian-devel@pixar.com:
Bug#1545; Package bsdutils? netstd?. Full text available.

Message received at debian-bugs:


From i17linuxb.ists.pwr.wroc.pl!marekm Fri Oct 13 10:01:27 1995
Return-Path: <marekm@i17linuxb.ists.pwr.wroc.pl>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t3nU7-000D0lC; Fri, 13 Oct 95 10:01 PDT
Received: from i17linuxb.ists.pwr.wroc.pl by pixar.com with SMTP id AA13526
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Fri, 13 Oct 1995 10:00:56 -0700
Received: (from marekm@localhost) by i17linuxb.ists.pwr.wroc.pl (8.6.12/8.6.9) id SAA02571; Fri, 13 Oct 1995 18:00:57 +0100
From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
Message-Id: <199510131700.SAA02571@i17linuxb.ists.pwr.wroc.pl>
Subject: Re: Bug#1545: write' can't write, tty permissions
To: iwj10@cus.cam.ac.uk (Ian Jackson)
Date: Fri, 13 Oct 1995 18:00:54 +0100 (MET)
Cc: debian-bugs@pixar.com
In-Reply-To: <m0t3NUK-0002ZbZ@chiark.al.cl.cam.ac.uk> from "Ian Jackson" at Oct 12, 95 02:15:00 pm
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 1359      

Ian Jackson:
> That would be nice.  At the moment changing the local default for the
> whole system means editing /etc/profile and several other files.  I
> suppose the xterm app-defaults could be used.

The problem is the "several other files" (because csh has its own file
incompatible with /etc/profile).  Ideally there should be a shell script
executed by login instead of the login shell, which sets up environment,
mesg y/n, resource limits etc., and then does "exec - $SHELL".

> I still think that the default, as shipped, should be mesg y.
> Otherwise users will simply complain when they can't use talk &c.

One problem with mesg y by default (this may be the reason why SCO
defaults to mesg n - it's C2, you know, even root can't log in if
anything is screwed up :-).  Try to write to a user who is logging in
at the moment (mesg y by default, changed to mesg n later), and if you
succeed, don't exit write.  You will still be able to write to that
user's terminal (because permissions are checked on open and never
later).  This will cause trouble for PPP logins etc.

Maybe I am too paranoid - this is not very likely to really happen, but
it is possible.  I don't insist on mesg n (right now there are other,
more serious problems like /proc and the SAK not always guaranteed to
work), but I just want to mention one potential problem...

Marek

Acknowledgement sent to Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>:
Extra info received and forwarded. Full text available.
Information forwarded to debian-devel@pixar.com:
Bug#1545; Package bsdutils? netstd?. Full text available.
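
The point raised in the message above, that permissions are checked on open and never later, as an added example that is not part of the original thread. It assumes a regular temporary file standing in for the tty device, and the function name is hypothetical.

```python
import os
import stat
import tempfile


def held_descriptor_survives_chmod():
    """Open a file while it is writable, revoke write permission, write again."""
    # Assumption: a regular temp file stands in for /dev/ttyXX.
    fd_tmp, path = tempfile.mkstemp(prefix="fake-tty-")
    os.close(fd_tmp)
    try:
        os.chmod(path, 0o620)               # the "mesg y" mode from the thread
        held = os.open(path, os.O_WRONLY)   # the permission check happens here
        os.chmod(path, 0o400)               # revoke every write bit afterwards
        try:
            # No second check: the descriptor opened earlier still works.
            written = os.write(held, b"still here\n")
        finally:
            os.close(held)
        # A fresh open is checked against the new mode (root bypasses it).
        try:
            os.close(os.open(path, os.O_WRONLY))
            fresh_open_denied = False
        except PermissionError:
            fresh_open_denied = True
        mode = stat.S_IMODE(os.stat(path).st_mode)
        with open(path, "rb") as fh:        # owner read is still allowed
            content = fh.read()
        return {
            "written": written,
            "fresh_open_denied": fresh_open_denied,
            "mode": mode,
            "content": content,
        }
    finally:
        os.unlink(path)


if __name__ == "__main__":
    for key, value in held_descriptor_survives_chmod().items():
        print(key, value)
```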

Message received at debian-bugs:


From cus.cam.ac.uk!iwj10 Thu Oct 12 11:12:33 1995
Return-Path: <iwj10@cus.cam.ac.uk>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t3S7N-000HXEC; Thu, 12 Oct 95 11:12 PDT
Received: from bootes.cus.cam.ac.uk by pixar.com with SMTP id AA22108
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Thu, 12 Oct 1995 11:12:03 -0700
Received: by bootes.cus.cam.ac.uk 
	(Smail-3.1.29.0 #36) id m0t3S6H-000C00C; Thu, 12 Oct 95 19:11 BST
Received: by chiark
	id <m0t3NUK-0002ZbZ@chiark.al.cl.cam.ac.uk>
	(Debian /\oo/\ Smail3.1.29.1 #29.33); Thu, 12 Oct 95 14:15 BST
Message-Id: <m0t3NUK-0002ZbZ@chiark.al.cl.cam.ac.uk>
Date: Thu, 12 Oct 95 14:15 BST
From: Ian Jackson <iwj10@cus.cam.ac.uk>
To: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
Cc: debian-bugs@pixar.com
Subject: Re: Bug#1545: write' can't write, tty permissions
In-Reply-To: <199510121302.OAA28759@i17linuxb.ists.pwr.wroc.pl>
References: <m0t3C9l-0002ZrZ@chiark.al.cl.cam.ac.uk>
	<199510121302.OAA28759@i17linuxb.ists.pwr.wroc.pl>

Marek Michalkiewicz writes ("Re: Bug#1545: write' can't write, tty permissions"):
> Ian Jackson:
> > IMO we should have getty, telnetd, login and xterm set the permissions
> > to 620, making `mesg y' the default.  The alternative is to have to
> > try to find all the ways users get new tty's and try to find a way to
> > make the default be `mesg y' in the /etc/* scripts.
> > 
> > I don't think the default should be `mesg n'.
> 
> Some systems (like SunOS) default to mesg y, others (like SCO) to mesg n.
> Users can always change that in their .profile (or .csh.login, I think
> this is the right name, I don't use csh...).  This is a local issue -
> ideally there should be some config file which can be edited to change
> defaults like this without need to recompile everything.

That would be nice.  At the moment changing the local default for the
whole system means editing /etc/profile and several other files.  I
suppose the xterm app-defaults could be used.

I still think that the default, as shipped, should be mesg y.
Otherwise users will simply complain when they can't use talk &c.

Ian.

Acknowledgement sent to Ian Jackson <iwj10@cus.cam.ac.uk>:
Extra info received and forwarded. Full text available.
Information forwarded to debian-devel@pixar.com:
Bug#1545; Package bsdutils? netstd?. Full text available.

Message received at debian-bugs:


From i17linuxb.ists.pwr.wroc.pl!marekm Thu Oct 12 06:09:10 1995
Return-Path: <marekm@i17linuxb.ists.pwr.wroc.pl>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t3NNl-000GYGC; Thu, 12 Oct 95 06:09 PDT
Received: from i17linuxb.ists.pwr.wroc.pl by pixar.com with SMTP id AA10198
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Thu, 12 Oct 1995 06:08:41 -0700
Received: (from marekm@localhost) by i17linuxb.ists.pwr.wroc.pl (8.6.12/8.6.9) id OAA28759; Thu, 12 Oct 1995 14:02:56 +0100
From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
Message-Id: <199510121302.OAA28759@i17linuxb.ists.pwr.wroc.pl>
Subject: Re: Bug#1545: write' can't write, tty permissions
To: iwj10@cus.cam.ac.uk (Ian Jackson)
Date: Thu, 12 Oct 1995 14:02:49 +0100 (MET)
Cc: debian-bugs@pixar.com
In-Reply-To: <m0t3C9l-0002ZrZ@chiark.al.cl.cam.ac.uk> from "Ian Jackson" at Oct 12, 95 02:09:00 am
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 684       

Ian Jackson:
> IMO we should have getty, telnetd, login and xterm set the permissions
> to 620, making `mesg y' the default.  The alternative is to have to
> try to find all the ways users get new tty's and try to find a way to
> make the default be `mesg y' in the /etc/* scripts.
> 
> I don't think the default should be `mesg n'.

Some systems (like SunOS) default to mesg y, others (like SCO) to mesg n.
Users can always change that in their .profile (or .csh.login, I think
this is the right name, I don't use csh...).  This is a local issue -
ideally there should be some config file which can be edited to change
defaults like this without need to recompile everything.

Marek

Acknowledgement sent to Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>:
Extra info received and forwarded. Full text available.
Information forwarded to debian-devel@pixar.com:
Bug#1545; Package bsdutils? netstd?. Full text available.

Message received at debian-bugs:


From cus.cam.ac.uk!iwj10 Wed Oct 11 18:12:07 1995
Return-Path: <iwj10@cus.cam.ac.uk>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t3CBr-000GDpC; Wed, 11 Oct 95 18:12 PDT
Received: from bootes.cus.cam.ac.uk by pixar.com with SMTP id AA19132
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Wed, 11 Oct 1995 18:11:46 -0700
Received: by bootes.cus.cam.ac.uk 
	(Smail-3.1.29.0 #36) id m0t3CBg-000BzMC; Thu, 12 Oct 95 02:11 BST
Received: by chiark
	id <m0t3C9l-0002ZrZ@chiark.al.cl.cam.ac.uk>
	(Debian /\oo/\ Smail3.1.29.1 #29.33); Thu, 12 Oct 95 02:09 BST
Message-Id: <m0t3C9l-0002ZrZ@chiark.al.cl.cam.ac.uk>
Date: Thu, 12 Oct 95 02:09 BST
From: Ian Jackson <iwj10@cus.cam.ac.uk>
To: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>,
        debian-bugs@pixar.com
Subject: Re: Bug#1545: write' can't write, tty permissions

Marek Michalkiewicz writes ("Bug#1545: write' can't write, tty permissions"):
> I think write (and possibly wall if all users should be allowed to use it)
> should be setgid tty.  Making all tty devices world-writable is a bad idea
> IMHO.  getty/telnetd/login should initially set permissions to 600, group
> tty and "mesg y" should set them to 620.

IMO we should have getty, telnetd, login and xterm set the permissions
to 620, making `mesg y' the default.  The alternative is to have to
try to find all the ways users get new tty's and try to find a way to
make the default be `mesg y' in the /etc/* scripts.

I don't think the default should be `mesg n'.

> BTW, getty sets tty perms to 622 (that's why miscutils is mentioned in
> the Package: header).  This is wrong (someone may open it before login
> sets correct permissions), better use 600.

Indeed.  There's no reason for write &c to write to a terminal which
has no one logged on and is waiting in getty.

> I don't think making write setgid tty is more dangerous than making
> tty devices world-writable.  The tty group can't do anything more than
> writing to "mesg y" terminals...

Quite.

Ian.

Acknowledgement sent to Ian Jackson <iwj10@cus.cam.ac.uk>:
Extra info received and forwarded. Full text available.
Information forwarded to debian-devel@pixar.com:
Bug#1545; Package bsdutils? netstd?. Full text available.

Message received at debian-bugs:


From i17linuxb.ists.pwr.wroc.pl!marekm Wed Oct 11 12:34:24 1995
Return-Path: <marekm@i17linuxb.ists.pwr.wroc.pl>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t36v2-000HkZC; Wed, 11 Oct 95 12:34 PDT
Received: from i17linuxb.ists.pwr.wroc.pl by pixar.com with SMTP id AA03565
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Wed, 11 Oct 1995 12:33:50 -0700
Received: (from marekm@localhost) by i17linuxb.ists.pwr.wroc.pl (8.6.12/8.6.9) id UAA25113 for debian-bugs@pixar.com; Wed, 11 Oct 1995 20:34:02 +0100
From: Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>
Message-Id: <199510111934.UAA25113@i17linuxb.ists.pwr.wroc.pl>
Subject: Bug#1545: `write' can't write, tty permissions
To: debian-bugs@pixar.com
Date: Wed, 11 Oct 1995 20:33:56 +0100 (MET)
X-Mailer: ELM [version 2.4 PL23]
Content-Type: text
Content-Length: 723       

Package: bsdutils, netstd, miscutils
Version: bsdutils 1.3-1, netstd 1.17-1, miscutils 1.3-5

I think write (and possibly wall if all users should be allowed to use it)
should be setgid tty.  Making all tty devices world-writable is a bad idea
IMHO.  getty/telnetd/login should initially set permissions to 600, group
tty and "mesg y" should set them to 620.

BTW, getty sets tty perms to 622 (that's why miscutils is mentioned in
the Package: header).  This is wrong (someone may open it before login
sets correct permissions), better use 600.

I don't think making write setgid tty is more dangerous than making
tty devices world-writable.  The tty group can't do anything more than
writing to "mesg y" terminals...

Marek

Acknowledgement sent to Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>:
Extra info received and forwarded. Full text available.
Information forwarded to debian-devel@pixar.com:
Bug#1545; Package bsdutils? netstd?. Full text available.
Bug reopened, originator set to Ian Jackson <iwj10@cus.cam.ac.uk>. Request was from Ian Jackson <iwj10@cus.cam.ac.uk> to debian-bugs-request@pixar.com. Full text available.

Message received at debian-bugs-done:


From server.et-inf.fho-emden.de!tobias Mon Oct  9 17:24:53 1995
Return-Path: <tobias@server.et-inf.fho-emden.de>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t2SV2-000BghC; Mon, 9 Oct 95 17:24 PDT
Received: from server.et-inf.fho-emden.de by pixar.com with SMTP id AA25655
  (5.67b/IDA-1.5 for debian-bugs-done-pipe@mongo.pixar.com); Mon, 9 Oct 1995 17:24:29 -0700
Received: by server.et-inf.fho-emden.de (5.65/DEC-Ultrix/4.3)
	id AA02162; Tue, 10 Oct 1995 01:15:54 +0100
Message-Id: <9510100015.AA02162@server.et-inf.fho-emden.de>
Subject: Re: Bug#1545: `write' can't write to telnet logins
To: iwj10@cus.cam.ac.uk
Date: Tue, 10 Oct 1995 01:15:53 +0100 (MET)
From: "Peter Tobias" <tobias@server.et-inf.fho-emden.de>
Cc: debian-bugs-done@pixar.com
Reply-To: tobias@et-inf.fho-emden.de
In-Reply-To: <m0t0USa-000JfBC@hammer.thor.cam.ac.uk> from "Ian Jackson" at Oct 4, 95 03:06:00 pm
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit
Content-Length: 791       

Ian Jackson wrote:
> Package: bsdutils? netstd?
> Version: bsdutils 1.3-1, netstd 1.17-1
> 
> Are `mesg y' terminals on Debian supposed to be g+w, or go+w ?
> 
> telnetd (from netbase) and mesg (from bsdutils) seem to think g+w
> ought to be sufficient; however, write (also from bsdutils) seems to
> require go+w (though `richard', who was writing to me in another
> window at the time of the transcript below, didn't report that it
> complained about his terminal being `mesg n').

I changed telnetd. It will change the terminal to go+w.


Peter

-- 
 Peter Tobias                                EMail:
 Fachhochschule Ostfriesland                 tobias@et-inf.fho-emden.de
 Fachbereich Elektrotechnik und Informatik   tobias@perseus.fho-emden.de
 Constantiaplatz 4, 26723 Emden, Germany

Notification sent to iwj10@cus.cam.ac.uk (Ian Jackson):
Bug acknowledged by developer. Full text available.
Reply sent to tobias@et-inf.fho-emden.de:
You have taken responsibility. Full text available.

Message received at debian-bugs:


From thor.cam.ac.uk!iwj10 Wed Oct  4 07:06:25 1995
Return-Path: <iwj10@thor.cam.ac.uk>
Received: from pixar.com by mongo.pixar.com with smtp
	(Smail3.1.28.1 #15) id m0t0USn-000CxkC; Wed, 4 Oct 95 07:06 PDT
Received: from hammer.thor.cam.ac.uk by pixar.com with SMTP id AA01184
  (5.67b/IDA-1.5 for debian-bugs-pipe@mongo.pixar.com); Wed, 4 Oct 1995 07:06:02 -0700
Received: by hammer.thor.cam.ac.uk 
	(Smail-3.1.29.0 #77) id m0t0USa-000JfBC; Wed, 4 Oct 95 15:06 BST
Message-Id: <m0t0USa-000JfBC@hammer.thor.cam.ac.uk>
Date: Wed, 4 Oct 95 15:06 BST
Sender: iwj10@thor.cam.ac.uk (Ian Jackson)
From: iwj10@cus.cam.ac.uk (Ian Jackson)
To: debian-bugs@pixar.com
Subject: `write' can't write to telnet logins

Package: bsdutils? netstd?
Version: bsdutils 1.3-1, netstd 1.17-1

Are `mesg y' terminals on Debian supposed to be g+w, or go+w ?

telnetd (from netbase) and mesg (from bsdutils) seem to think g+w
ought to be sufficient; however, write (also from bsdutils) seems to
require go+w (though `richard', who was writing to me in another
window at the time of the transcript below, didn't report that it
complained about his terminal being `mesg n').

Making write setgid tty may solve the problem, but such a decision
should only be taken after examining the code to make sure it's not a
security problem.

Ian.

[ Running in an xterm ... ]
chiark:~> finger
Login    Name                 Tty  Idle  Login Time   Office     Office Phone
[...]
iwj10    Ian Jackson - unpriv  p4        Oct  4 12:47 (ealingbroadway.c)
iwj10    Ian Jackson - unpriv  p3  1:03  Oct  4 12:49 (ealingbroadway.c)
iwj10    Ian Jackson - unpriv  p5        Oct  4 12:50 (ealingbroadway.c)
iwj10    Ian Jackson - unpriv  p6  1:05  Oct  4 12:53 (ealingbroadway.c)
richard  Richard Kettlewell   *p0        Oct  4 10:05 (muskogee.elmail.)
richard  Richard Kettlewell    p7        Oct  4 12:59 (muskogee.elmail.)
chiark:~> write richard
write: /dev/ttyp7: Permission denied
chiark:~> ll /dev/ttyp7
crw--w----   1 richard  tty        4, 199 Oct  4 14:55 /dev/ttyp7
chiark:~> ls -al /usr/bin/write 
-rwxr-xr-x   1 root     root        12292 Jun 22 20:25 /usr/bin/write*
chiark:~> ytalk richard
chiark:~> ytalk -x richard
chiark:~> grep mesg /etc/profile
mesg y
chiark:~> tty
/dev/ttyp5
chiark:~> id
uid=1001(iwj10) gid=1001(iwj10) groups=1001(iwj10)
chiark:~> ll /dev/ttyp5
crw--w--w-   1 iwj10    iwj10      4, 197 Oct  4 15:01 /dev/ttyp5
chiark:~> 

Trying 131.111.131.114...
Connected to chiark.chu.cam.ac.uk.
Escape character is '^]'.
Debian GNU/Linux 0.93
Copyright (C) 1994, 1995 Debian Association, Inc. and others

chiark login: iwj10
Password: 
Last login: Wed Oct  4 12:31:00 on ttyc2
Copyright (C) 1994, 1995 Debian Association, Inc. and others

Linux chiark 1.2.13 #2 Sat Sep 30 11:40:37 BST 1995 i486

Unauthorised access prohibited; if you do not know that you are authorised
then you are not.  See /info/rules.text for the rules for the use of
chiark, and /info/chiark.text for information about the system.

Recent items in /info/new - see the file for full details:
1)  Problem with trn hanging believed fixed.  (3.10.1995)
2)  Default terminal message status is now `y'.  (3.10.1995)
3)  trn `l' (list groups) command should now work.  (3.10.1995)

--------------------------------------------------
  3:01pm  up 4 days,  2:56,  8 users,  load average: 0.48, 0.26, 0.09
chiark:~> tty
/dev/ttyp1
chiark:~> ll /dev/ttyp1
crw--w----   1 iwj10    tty        4, 193 Oct  4 15:01 /dev/ttyp1
chiark:~> exit
exit
Connection closed by foreign host.

Acknowledgement sent to iwj10@cus.cam.ac.uk (Ian Jackson):
New bug report received and forwarded. Full text available.
Report forwarded to debian-devel@pixar.com:
Bug#1545; Package bsdutils? netstd?. Full text available.
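
An added example, not part of the original report or of any Debian package: a model of the classic Unix write-permission check applied to the modes in the transcript above and to the 600/620/622 modes and setgid-tty proposal discussed earlier in the thread. The permission strings and uid/gid 1001 for iwj10 come from the transcript; every other numeric id, and all function and class names, are constructed for illustration.

```python
from dataclasses import dataclass

W_OWNER, W_GROUP, W_OTHER = 0o200, 0o020, 0o002

# iwj10's ids are from the transcript; the rest are constructed placeholders.
IWJ10, IWJ10_GID = 1001, 1001
RICHARD, TTY_GID = 1002, 5
OTHER_UID, OTHER_GID = 2000, 2000


def mode_from_ls(perm):
    """Convert an `ls -l` permission string such as 'crw--w----' to mode bits."""
    bits = 0
    for ch in perm[1:10]:
        bits = (bits << 1) | (ch != "-")
    return bits


@dataclass
class Tty:
    owner: int
    group: int
    mode: int


@dataclass
class Proc:
    euid: int
    egid: int
    groups: tuple = ()


def may_write(tty, proc):
    """Exactly one permission class applies: owner, else group, else other."""
    if proc.euid == 0:
        return True  # root bypasses the mode bits
    if proc.euid == tty.owner:
        return bool(tty.mode & W_OWNER)
    if proc.egid == tty.group or tty.group in proc.groups:
        return bool(tty.mode & W_GROUP)
    return bool(tty.mode & W_OTHER)


def thread_cases():
    ttyp7 = Tty(RICHARD, TTY_GID, mode_from_ls("crw--w----"))  # telnet login
    ttyp5 = Tty(IWJ10, IWJ10_GID, mode_from_ls("crw--w--w-"))  # xterm
    pre_login = Tty(0, TTY_GID, 0o600)                         # proposed getty mode
    plain_write = Proc(IWJ10, IWJ10_GID, (IWJ10_GID,))   # write as shipped
    setgid_write = Proc(IWJ10, TTY_GID, (IWJ10_GID,))    # write setgid tty
    stranger = Proc(OTHER_UID, OTHER_GID, (OTHER_GID,))  # any unrelated process
    return {
        "620 tty, write not setgid": may_write(ttyp7, plain_write),
        "620 tty, write setgid tty": may_write(ttyp7, setgid_write),
        "620 tty, unrelated process": may_write(ttyp7, stranger),
        "622 tty, unrelated process": may_write(ttyp5, stranger),
        "600 tty, write setgid tty": may_write(pre_login, setgid_write),
    }


if __name__ == "__main__":
    for case, allowed in thread_cases().items():
        print(f"{case}: {'allowed' if allowed else 'denied'}")
```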
Ian Jackson / iwj10@thor.cam.ac.uk, with the debian-bugs tracking mechanism
This page last modified 07:43:01 GMT Wed 01 Nov