Re: RH4.0/axp needs read permission on /dev/dsp

Erik Troan (ewt@redhat.com)
Mon, 18 Nov 1996 09:46:38 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael Champigny: "TGA Modelines"
Previous message: Jim Nance: "Re: Mother board with > 1gb ram"
In reply to: Nicholas Alexander Bastin: "Installing RedHat 4.0 on UDB"

On Sat, 16 Nov 1996, Thunderhawk Alpha wrote:

> I set up an account on my UDB for my 10 yr. old to play games like xkoules,
> xevil, etal. xkoules would bomb out with a 'could not open /DEV/Dsp'
> message. When I did a chmod +r /dev/dsp from root (already had world write
> permission by default), the program ran fine. Note that root can play the
> games in the default condition.
>
> Just thought folks might want to know. I'm not sure if this is something
> that RedHat should fix in an update or not. (Is there a security problem
> with setting world read permission on /dev/dsp since it already had world
> write permission?)

We don't do this because it would let people listen in on your office when
they are remotely logged into your machine. While this isn't a root-access
security hole, it's defintely a privacy hole.

Erik

-------------------------------------------------------------------------------
| I told you I'm not very bright -- Sugar in "Some Like It Hot" |
| |
| Erik Troan = http://sunsite.unc.edu/ewt/ = ewt@sunsite.unc.edu |

--
To unsubscribe: send e-mail to axp-list-request@redhat.com with
'unsubscribe' as the subject.  Do not send it to axp-list@redhat.com

Next message: Michael Champigny: "TGA Modelines"
Previous message: Jim Nance: "Re: Mother board with > 1gb ram"
In reply to: Nicholas Alexander Bastin: "Installing RedHat 4.0 on UDB"