Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!linus!philabs!seismo!hao!hplabs!sri-unix!guyton@rand-unix From: guyton%rand-unix@sri-unix.UUCP Newsgroups: net.unix-wizards Subject: SetGroup Write command Message-ID: <2972@sri-arpa.UUCP> Date: Sun, 10-Jul-83 20:55:00 EDT Article-I.D.: sri-arpa.2972 Posted: Sun Jul 10 20:55:00 1983 Date-Received: Wed, 13-Jul-83 05:56:54 EDT Lines: 18 I plugged this hole here a little over a year ago by making the ttys owned by a special group "write", and had the write command be setgid to that group. Seems to make more sense to me than yet another setuid-root program floating around. In case you want to do the same thing, the changes were: /etc/group: added "write" group with no logins. Only for write pgm! write.c: closed other terminal before exec of shell write.c: set group id back to real id before exec of shell write.c: map outgoing control characters into ^X form write.c: stat checks now for 020 bit instead of 002 bit login.c: change of tty group to "write" group. chmod to 620 mesg.c: change to use 020 bit instead of 022 finger.c: checks for stat 0220 instead of 0222 for "messages off" logic -- Jim Guyton