[Pkg-shadow-devel] Bug#59439: login.defs: Should we document why default TTYPERM is 0600?

[Christian Perrier]

retitle 59439 [DOC] [CHRISTIAN] login.defs: TTYPERM description and defau=
lt are inconsistent
tags 59439 confirmed
thanks

Ben Collins answer to #59439 seems to make sense to me. I tested all
this and, with the default setting of TTYPERM 0600 we have in Debian,
users cannot use write to another user unless that user issues "dmesg
y" in his/her terminal.

This is a secure default which shouldn't probably be changed.

So, the only concernis maybe adding some more comments to
/etc/login.defs:

# In Debian /usr/bin/bsd-write or similar programs are setgid tty
# However, the default and recommended value for TTYPERM is still 0600
# to not allow anyone to write to anyone else console or terminal
# Users can overwrite this setting by using the "dmesg y" command

Colin, does it sound OK for you and enough to fix this bug=A0?



--=20