<!--X-Body-Begin-->
<!--X-User-Header-->
oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: Re: CVE-2024-28085: Escape sequence injection in util-linux wall
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Jakub Wilk <jwilk () jwilk net>
Date: Thu, 28 Mar 2024 09:38:41 +0100
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
* nightmare.yeah27 () aceecat org, 2024-03-27 13:57:
/etc/default/devpts
This file is used by sysvinit when mounting /dev/pts.
systemd doesn't use it. It mounts /dev/pts with mode=620 by default.
/etc/login.defs
As far as I can see, TTYPERM from login.defs is used only by login(1)
and sometimes¹ by su(1). If you log in through SSH, or run xterm(1) or
screen(1) or... it won't have any effect.
It's all awful and undocumented.
¹ https://github.com/util-linux/util-linux/commit/17d5b264367debb7
("su: (pty) change owner and mode for pty")
--
Jakub Wilk
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
By Date
By Thread
Current thread:
CVE-2024-28085: Escape sequence injection in util-linux wall Skyler Ferrante (RIT Student) (Mar 27)
Re: CVE-2024-28085: Escape sequence injection in util-linux wall nightmare . yeah27 (Mar 27)
Re: Re: CVE-2024-28085: Escape sequence injection in util-linux wall Jakub Wilk (Mar 28)
Re: CVE-2024-28085: Escape sequence injection in util-linux wall Jakub Wilk (Mar 27)
Re: CVE-2024-28085: Escape sequence injection in util-linux wall Demi Marie Obenour (Mar 27)
Re: CVE-2024-28085: Escape sequence injection in util-linux wall Solar Designer (Mar 27)
Re: CVE-2024-28085: Escape sequence injection in util-linux wall Alexander E. Patrakov (Mar 28)
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->