From owner-freebsd-security@FreeBSD.ORG Mon Oct 4 23:15:26 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACB1616A4CE for ; Mon, 4 Oct 2004 23:15:26 +0000 (GMT) Received: from mail.bitfreak.org (mail.bitfreak.org [65.75.198.146]) by mx1.FreeBSD.org (Postfix) with ESMTP id 486D743D1F for ; Mon, 4 Oct 2004 23:15:26 +0000 (GMT) (envelope-from dmp@bitfreak.org) Received: from speck.loki.lan (c-24-21-241-225.client.comcast.net [24.21.241.225]) by mail.bitfreak.org (Postfix) with ESMTP id 5230319F3E for ; Mon, 4 Oct 2004 16:17:05 -0700 (PDT) Received: from spud (d2.loki.lan [172.21.42.22]) by speck.loki.lan (Postfix) with ESMTP id 4D13C322E for ; Mon, 4 Oct 2004 16:15:16 -0700 (PDT) From: "Darren Pilgrim" To: Date: Mon, 4 Oct 2004 16:15:07 -0700 Message-ID: <000601c4aa68$0034af70$162a15ac@spud> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.6626 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 In-reply-to: <200410042054.i94KsBD9021963@freefall.freebsd.org> Importance: Normal Subject: RE: FreeBSD Security Advisory FreeBSD-SA-04:15.syscons X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Oct 2004 23:15:26 -0000 > FreeBSD-SA-04:15.syscons <...> > IV. Workaround >=20 > There is no known workaround. However, this bug is only exploitable > by users who have access to the physical console or can otherwise open > a /dev/ttyv* device node. Is there anything in the base system that, by design or flaw, can be = used by a non-root user to open a ttyv device? Is the tty snoop device vulnerable by proxy?