Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10 5/3/83; site watcgl.UUCP Path: utzoo!watmath!watcgl!dmmartindale From: dmmartindale@watcgl.UUCP (Dave Martindale) Newsgroups: net.unix-wizards,net.bugs.4bsd Subject: Re: TIOCCDTR (bug|feature) Message-ID: <502@watcgl.UUCP> Date: Sun, 19-Jun-83 09:15:27 EDT Article-I.D.: watcgl.502 Posted: Sun Jun 19 09:15:27 1983 Date-Received: Sun, 19-Jun-83 23:44:24 EDT References: <349@ut-ngp.UUCP> Organization: U of Waterloo, Ontario Lines: 13 I don't believe that ioctl calls should have any sort of special restrictions requiring anything other than the permissions on the tty special file. If someone can open your tty for writing, why should they not be allowed to use whatever ioctl they please? If you don't trust the other users on the machine to act responsibly, then you don't want general write permission on your terminal at all. If this requires that inter-user communications programs such as "write" be setuid, so be it. While plugging holes, you should also make write check the characters it is passing along and strip control characters that might do funny things to the recipient's terminal. An even better scheme is something like the "talk" program posted recently, where the recipient voluntarily joins the conversation and writing to his screen is done only by a process which is run by him.