Base: Add "tty" group and make /dev/tty* be root:tty mode 610

This fixes an issue where anyone could snoop on the virtual consoles.
abyesilyurt · Jan 4, 2020 · 20ac4e4 · 20ac4e4
1 parent 4f4dc47
commit 20ac4e4
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/Base/etc/group b/Base/etc/group
@@ -1,3 +1,4 @@
 root:x:0:
 wheel:x:1:anon
+tty:x:2:
 users:x:100:anon
diff --git a/Kernel/build-root-filesystem.sh b/Kernel/build-root-filesystem.sh
@@ -34,6 +34,10 @@ mknod mnt/dev/ttyS0 c 4 64
 mknod mnt/dev/ttyS1 c 4 65
 mknod mnt/dev/ttyS2 c 4 66
 mknod mnt/dev/ttyS3 c 4 67
+for tty in 0 1 2 3 S0 S1 S2 S3; do
+ chmod 620 mnt/dev/tty$tty
+ chown 0:2 mnt/dev/tty$tty
+done
 mknod mnt/dev/random c 1 8
 mknod mnt/dev/null c 1 3
 mknod mnt/dev/zero c 1 5