[Bug 2872] New: wall command shows error when logged in through non-root user.

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed May 30 19:44:40 AEST 2018 

https://bugzilla.mindrot.org/show_bug.cgi?id=2872

            Bug ID: 2872
           Summary: wall command shows error when logged in through
                    non-root user.
           Product: Portable OpenSSH
           Version: 7.5p1
          Hardware: PPC
                OS: AIX
            Status: NEW
          Severity: security
          Priority: P5
         Component: Miscellaneous
          Assignee: unassigned-bugs at mindrot.org
          Reporter: mayasha9 at in.ibm.com

Hi

I have compiled and installed OpenSSH7.5 on AIX. I ran wall command
after logging through non-root via ssh and i found that wall command is
throwing error.

Recreation Steps:-
-----------------

1. SSH login through non-root user USER1 on different terminal.
2. SSH login through non-root user USER2 on different terminal.
3. run "wall test" on USER1 terminal. Following error message will
occurred.

wall: Cannot open "/dev/pts/X".  The file access permissions do not
allow the specified action..


I analysed further and i came to know that in file sshpty.c, mode has
been set to 600.

void
pty_setowner(struct passwd *pw, const char *tty)
{
.
.
.
        /* Determine the group to make the owner of the tty. */
        grp = getgrnam("tty");
        gid = (grp != NULL) ? grp->gr_gid : pw->pw_gid;
        mode = (grp != NULL) ? 0620 : 0600;

        /*
         * Change owner and mode of the tty as required.
.
.
.

Then I checked the older SSH builds and there I found that community
has changed modes in OpenSSH6.8_p1 and OpenSSH7.0_p1 respectively.
Please follow the commit link below -

https://github.com/openssh/openssh-portable/commit/6f941396b6835ad18018845f515b0c4fe20be21a#diff-49e4e431bffb87ccf87cea3ce20c82f3

https://github.com/openssh/openssh-portable/commit/a5883d4eccb94b16c355987f58f86a7dee17a0c2#diff-49e4e431bffb87ccf87cea3ce20c82f3

If I changed modes permission from 600 to 620 and run the same wall
command, then in such case it was not throwing any error message.

Therefore , i would like to know whether these mode changes are made
intentionally or it is possible to rectify it ?

Please let me know soon.

Thanks & Regards
Mayank Sharma

-- 
You are receiving this mail because:
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list