From: Lennart Poettering <mzxreary@0pointer.de>
To: Greg KH <greg@kroah.com>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>,
Kay Sievers <kay.sievers@vrfy.org>,
linux-kernel <linux-kernel@vger.kernel.org>,
linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH] tty: add TIOCVHANGUP: time for revoke() in f_ops ?
Date: Wed, 23 Feb 2011 01:35:55 +0100 [thread overview]
Message-ID: <20110223003555.GC21518@tango.0pointer.de> (raw)
In-Reply-To: <20110222231536.GA18066@kroah.com>
On Tue, 22.02.11 15:15, Greg KH (greg@kroah.com) wrote:
>
> On Fri, Feb 18, 2011 at 09:50:48AM +0000, Alan Cox wrote:
> > > Without this ioctl it would have to temporarily become the owner of
> > > the tty, then call vhangup() and then give it up again.
> >
> > This is a hack - it's also unfortunately not actually sufficient or
> > complete which is why we didn't do it years ago. Sorry but if it was easy
> > it would have been in a long time back !
> >
> >
> > > + case TIOCVHANGUP:
> > > + if (!capable(CAP_SYS_ADMIN))
> >
> > Is there any reason for not allowing revocation of a tty that you are
> > the owner of (ie one you could anyway take ownership of and hangup ?)
>
> You could do that already today with the vhangup() syscall, right?
BTW, the reason why this isn't allowed is probably that you really don't
want to allow unprivileged folks to kick privileged users of a
TTY. TTYs can be opened by multiple parties, and stuff such as
/dev/ttyS0 might be used by user logins as well as for logging, and you
don't want to allow users to kick off all loggers just like that.
Lennart
--
Lennart Poettering - Red Hat, Inc.
prev parent reply other threads:[~2011-02-23 0:35 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1297964368.2165.1.camel@yio>
2011-02-18 9:50 ` [PATCH] tty: add TIOCVHANGUP: time for revoke() in f_ops ? Alan Cox
2011-02-22 23:15 ` Greg KH
2011-02-23 0:09 ` Alan Cox
2011-02-23 0:23 ` Lennart Poettering
2011-02-23 0:30 ` Alan Cox
2011-02-23 0:35 ` Lennart Poettering [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110223003555.GC21518@tango.0pointer.de \
--to=mzxreary@0pointer.de \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=greg@kroah.com \
--cc=kay.sievers@vrfy.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).