2005-01-24 00:35:09

by Alessandro Sappia

Subject: chvt issue

Hi all,
I was reading vt driver
and I saw
	/*
	 * To have permissions to do most of the vt ioctls, we either have
	 * to be the owner of the tty, or have CAP_SYS_TTY_CONFIG.
	 */
	perm = 0;
	if (current->signal->tty == tty || capable(CAP_SYS_TTY_CONFIG))
		perm = 1;

(lines 382-388 - drivers/char/vt_ioctl.c)

After reading the comment I thought I could change vt
from one of my own to another one of mine.

So I opened vc/2 and vc/3 and a pts/0
$ w
 01:26:45 up  1:33,  5 users,  load average: 0,84, 0,66, 0,97
USER     TTY      LOGIN@   IDLE    JCPU   PCPU   WHAT
alx      vc/2     01:07    18:51   0.00s  0.00s  -bash
alx      vc/3     01:25    48.00s  0.00s  0.00s  -bash
alx      :0       23:55    ?xdm?   4:21   0.84s  gnome-session
alx      pts/0    01:22    0.00s   0.08s  0.00s  w

I went to vc/3 and I did
$ tty
/dev/vc/3
$ chvt 2
As I expected, I changed my tty to 2.
After that I tried to do the same from pts/0
and

$ tty
/dev/pts/0
$ chvt 2
chvt: VT_ACTIVATE: Operation not permitted
$

After that I went to vc/2
and I did
$ chvt 12
After that I was watching my syslog writing messages...
I tried the same from pts/0
and
$ chvt 12
Couldnt get a file descriptor referring to the console

So, there are some things I couldn't get about virtual terminal ioctls
and fd...
Please note that using chvt with CAP_SYS_TTY_CONFIG (root) works fine.

Is it possible to change terminal from an unprivileged user?

Thanks in advance
for the time you'll spend answering me.

Alessandro


2005-01-24 08:14:55

by Andries Brouwer

Subject: Re: chvt issue

On Mon, Jan 24, 2005 at 01:34:56AM +0100, Alessandro Sappia wrote:

> I was reading vt driver
> and I saw
> 	/*
> 	 * To have permissions to do most of the vt ioctls, we either have
> 	 * to be the owner of the tty, or have CAP_SYS_TTY_CONFIG.
> 	 */
> 	perm = 0;
> 	if (current->signal->tty == tty || capable(CAP_SYS_TTY_CONFIG))
> 		perm = 1;
>
> (lines 382-388 - drivers/char/vt_ioctl.c)
>
> After reading the comment I thought I could change vt
> from one of my own to another one of mine.

Yes, the comment. But you should read the code instead.

2005-01-24 10:56:30

by Toon van der Pas

Subject: Re: chvt issue

On Mon, Jan 24, 2005 at 09:14:49AM +0100, Andries Brouwer wrote:
> On Mon, Jan 24, 2005 at 01:34:56AM +0100, Alessandro Sappia wrote:
>
> > I was reading vt driver
> > and I saw
> > 	/*
> > 	 * To have permissions to do most of the vt ioctls, we either have
> > 	 * to be the owner of the tty, or have CAP_SYS_TTY_CONFIG.
> > 	 */
> > 	perm = 0;
> > 	if (current->signal->tty == tty || capable(CAP_SYS_TTY_CONFIG))
> > 		perm = 1;
> >
> > (lines 382-388 - drivers/char/vt_ioctl.c)
> >
> > After reading the comment I thought I could change vt
> > from one of my own to another one of mine.
>
> Yes, the comment. But you should read the code instead.

In general, a comment reflects the intention of the programmer, whereas
the code reflects what he in fact ended up doing (the implementation).
So if the two don't match, the code is probably buggy.
This is why comments can be important; they reflect the intention of
the programmer at the time he wrote the code.

Toon.
--
"Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are,
by definition, not smart enough to debug it." - Brian W. Kernighan
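
Added example (not part of the thread, and not kernel or kbd code): the quoted check compares the caller's controlling tty with the tty the ioctl is issued on and never looks at the target VT, so without CAP_SYS_TTY_CONFIG it can only pass when the controlling tty is itself a virtual console. This diagnostic reads the controlling tty from /proc/self/stat and reports which case applies; the function names are hypothetical, and the field layout and device-number encoding are assumed to follow proc(5).

```c
#include <stdio.h>
#include <string.h>

#define TTY_MAJOR       4   /* major of the virtual consoles (/dev/ttyN, devfs /dev/vc/N) */
#define MAX_NR_CONSOLES 63  /* virtual consoles use minors 1..63 */

/* Extract tty_nr (7th field) from a /proc/<pid>/stat line. The comm field
 * may contain spaces and ')', so parsing restarts after the LAST ')'.
 * Returns -1 on malformed input, 0 when there is no controlling tty. */
long stat_tty_nr(const char *line)
{
    const char *p = strrchr(line, ')');
    char state;
    long ppid, pgrp, session, tty_nr;

    if (!p || sscanf(p + 1, " %c %ld %ld %ld %ld",
                     &state, &ppid, &pgrp, &session, &tty_nr) != 5)
        return -1;
    return tty_nr;
}

/* proc(5) encoding: major in bits 15..8, minor in bits 31..20 and 7..0. */
unsigned tty_major(long nr) { return ((unsigned long)nr >> 8) & 0xff; }
unsigned tty_minor(long nr)
{
    return ((unsigned long)nr & 0xff) | (((unsigned long)nr >> 12) & 0xfff00);
}

/* 1 if the controlling tty is a virtual console, i.e. an ioctl issued on it
 * can satisfy current->signal->tty == tty without the capability. */
int ctty_is_vt(long nr)
{
    unsigned minor = tty_minor(nr);
    return nr > 0 && tty_major(nr) == TTY_MAJOR &&
           minor >= 1 && minor <= MAX_NR_CONSOLES;
}

int main(void)
{
    char line[1024];
    FILE *f = fopen("/proc/self/stat", "r");
    long nr = (f && fgets(line, sizeof line, f)) ? stat_tty_nr(line) : -1;

    if (f)
        fclose(f);
    printf("controlling tty %u:%u -> %s\n", tty_major(nr), tty_minor(nr),
           ctty_is_vt(nr) ? "VT: the owner branch of the check can match"
                          : "not a VT: only CAP_SYS_TTY_CONFIG can grant perm");
    return 0;
}
```

Run from vc/3 this reports 4:3 and the owner branch; run from pts/0 it reports 136:0, matching the "Operation not permitted" result in the first message.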