Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 30 Dec 2002 17:27:47 +0100 (CET)
From:      Thomas Quinot <thomas@FreeBSD.org>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   bin/46635: Can't ssh after su (/dev/tty permission denied)
Message-ID:  <20021230162747.3A851121@zuydcoote.int.act-europe.fr>
next in thread | raw e-mail | index | archive | help 

>Number:         46635
>Category:       bin
>Synopsis:       Can't ssh after su (/dev/tty permission denied)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 30 08:30:02 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Thomas Quinot <thomas@freebsd.org>
>Release:        FreeBSD 5.0-DP2 i386
>Organization:
>Environment:
System: FreeBSD zuydcoote.int 5.0-DP2 FreeBSD 5.0-DP2 #0: Fri Dec 27 14:24:57 CET 2002 quinot@zuydcoote.int:/usr/src/sys/i386/compile/ZUYDCOOTE i386


	
>Description:
	If I su from one user to another, I am unable to make an
	outgoing ssh connection from the su'd shell using password
	authentication, because ssh tries (and fails) to open /dev/tty
	(which still belongs to the original user).

	This used to work on -STABLE because /dev/tty was not the same
	device as the actual tty device, and could therefore have 666
	permissions (which make sense -- allowing each process to open
	its own controlling tty).

>How-To-Repeat:

zuydcoote# ls -l /dev/tty
crw--w----  1 root  tty    5,   0 Dec 30 17:22 /dev/tty
zuydcoote# su - quinot
(quinot@zuydcoote) ~ $ ssh remote.host
Permission denied, please try again.
Permission denied, please try again.
Permission denied (publickey,password,hostbased).
(quinot@zuydcoote) ~ $ ls -l /dev/tty
crw--w----  1 root  tty    5,   0 30 dec 17:22 /dev/tty

>Fix:
	None known so far (apart from working around the problem
	by setting /dev/tty* to 0666...).
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021230162747.3A851121>