Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!philabs!seismo!hao!hplabs!sri-unix!guyton@rand-unix
From: guyton%rand-unix@sri-unix.UUCP
Newsgroups: net.unix-wizards
Subject: SetGroup Write command
Message-ID: <2972@sri-arpa.UUCP>
Date: Sun, 10-Jul-83 20:55:00 EDT
Article-I.D.: sri-arpa.2972
Posted: Sun Jul 10 20:55:00 1983
Date-Received: Wed, 13-Jul-83 05:56:54 EDT
Lines: 18

I plugged this hole here a little over a year ago by making the
ttys owned by a special group "write", and had the write command
be setgid to that group.  Seems to make more sense to me than yet
another setuid-root program floating around.

In case you want to do the same thing, the changes were:

  /etc/group: added "write" group with no logins. Only for write pgm!
  write.c:    closed other terminal before exec of shell
  write.c:    set group id back to real id before exec of shell
  write.c:    map outgoing control characters into ^X form
  write.c:    stat checks now for 020 bit instead of 002 bit
  login.c:    change of tty group to "write" group.  chmod to 620
  mesg.c:     change to use 020 bit instead of 022
  finger.c:   checks for stat 0220 instead of 0222 for "messages off" logic


-- Jim Guyton