[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: setting standard fds to console in translator libs

From: Thomas Bushnell, BSG
Subject: Re: setting standard fds to console in translator libs
Date: 24 Aug 2001 15:26:07 -0700
User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7

nisse@lysator.liu.se (Niels Möller) writes:

> Not even a write-only one? I'm not sure I see the security problem. On
> debian /dev/console is writable for everybody (although that might not
> include the not logged in user on HURD). On Solaris, it seems to be
> writable by the group tty. That's all systems I'm logged on to at the
> moment.

Well, if you have access to the console, you can potentially tweak
that terminal in various ways (like TIOCSTI).  We certainly don't want

> Or to express things in a different way: If I run a system, I would
> probably want to get the stderr output from all translators to go
> somewhere. 

Eek!  So basically you are happy with all the users on a multi-user
system storing their email in the syslog logs?  Because--trust
me--that's what inevitably happens. :)

You're thinking of translators as things the sysadmin sets up.  Only
some of them are that.

But, we don't *have* a good solution to where passive translators send
their error messages.  I have no objection to saying that they should
try to send messages to syslog.  Changing libraries so that happens is
a decent thing to do.

I'm just against forcing them onto /dev/console.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]