> > The pb is : Under SunOS, the terminal devices (/dev/ttyp?) are > > owned by root, with rights rw-rw-rw-. When you log on the machine, > > the login process changes the owner of the terminal, so the tty > > belongs to you, with minimum access rights. BUT when using an xterm, > > you don't have the permissions to change the owner and access rights > > of the newly allocated tty. So the device stays owned by root, > > WORLD READABLE and WORLD WRITEABLE !!! > > I think this introduces a major security hole... > yes, 666 is not the best mode for tty.. :) I've turned this into Sun as a Security problem, as well as a bug. So far the only response I've gotten from Sun is that this problem was opened a while back, but closed as not a bug. Well, I don't see that happening this time since I have way too many SunOS 4.x machines running around. Of course it's 'fixed in the current release of the OS', unless you count SunOS 4.1.4 as current. Ciao, -- Richard Bainter Mundanely | System Analyst - OMG/CSD Pug Generally | Applied Research Labs - U.Texas pug@arlut.utexas.edu | pug@bga.com | pug@eden.com | {any user}@pug.net Note: The views may not reflect my employers, or even my own for that matter.