HPE Community
Operating System - HP-UX
1847544 Members
3687 Online
110265 Solutions
New Discussion

getty conosle, we removed write access for others and it's back.

 
Clarence Rebolledo
Advisor

‎04-25-2005 03:24 AM

‎04-25-2005 03:24 AM

getty conosle, we removed write access for others and it's back.

On the /dev/console we set it from crw--w--w to crw--w--- but now a few days later it back where write access to others is back as crw--w--w. Is this a function of the /usr/sbin/getty. We are being audited by our auditors and this is one problem they want to resolve.
hilo
0 Kudos
Reply
1 REPLY 1
A. Clay Stephenson
Acclaimed Contributor

‎04-25-2005 03:42 AM

‎04-25-2005 03:42 AM

Re: getty conosle, we removed write access for others and it's back.

Anytime a getty is respawned on the console the mode is reset. This is why you are unable to make a permanent change --- nor should you. Traditionally, processes are allowed to write error messages to the console. Even if someone writes "Please re-enter root password: " to the console no harm is done even if someone actually types in the passwd UNLESS read permission is allowed on that port and that should be (and is) restricted.
If it ain't broke, I can fix that.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.