Re: FreeBSD Security Advisory FreeBSD-SA-04:15.syscons
Hi Darren,
On Mon, Oct 04, 2004 at 04:15:07PM -0700, Darren Pilgrim wrote:
> > FreeBSD-SA-04:15.syscons
> <...>
> > IV. Workaround
> >
> > There is no known workaround. However, this bug is only exploitable
> > by users who have access to the physical console or can otherwise open
> > a /dev/ttyv* device node.
>
> Is there anything in the base system that, by design or flaw, can be used by
> a non-root user to open a ttyv device?
Any user can open a ttyv device that she owns. But if you mean, "can
be used by a non-root user to open a ttyv device not owned by that
user?" : None of which I'm aware.
> Is the tty snoop device vulnerable by proxy?
No, it is not. The snp device does not "forward" ioctls.
Cheers,
--
Jacques A Vidrine / NTT/Verio
nectar@celabo.org / jvidrine@verio.net / nectar@FreeBSD.org
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)