Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sun, 23 Mar 2003 17:50:09 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sun, 23 Mar 2003 17:50:09 -0500 Received: from hq.pm.waw.pl ([195.116.170.10]:10437 "EHLO hq.pm.waw.pl") by vger.kernel.org with ESMTP id ; Sun, 23 Mar 2003 17:50:08 -0500 To: Subject: Re: Linux-2.4.20 modem control References: <001601c2ed7c$f984e900$0201a8c0@pluto> From: Krzysztof Halasa Date: 20 Mar 2003 19:51:56 +0100 In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1881 Lines: 41 "Richard B. Johnson" writes: > The problem is when you log out! With a terminal connected, > you get the login prompt again. This is no good if you are > connected to a modem. How would that happen? Even assuming the modem doesn't see DTR line being lowered (for a short time - say, too short) while closing the device, getty should initialize the modem correctly, i.e. lowering DTR first for ~1 s. > The modem will not be disconnected > and you have to forcably disconnect at the remote end by > disconnecting the phone line or lowering DTR with your remote > terminal program. Then the modem will not be ready to > answer another call. It will remain in a off-line condition > forever. Why? Does your modem report on/off-line status using DCD (carrier detect) line correctly? The shell should get HUP/disconnect after DCD drops. BTW: there is (and always was) another issue, security-related. Normally the user can issue "stty clocal" command which disables DCD level detection. Thus, the /dev/ttyS* device will be owned by the user ((s)he will have an open file descriptor to the device) after the line is disconnected. The shell will not be terminated and no getty will be spawn. It allows making a script simulating getty/login and ie. collecting passwords/sessions etc. This isn't a kernel issue - the kernel has "LOCK TERMIOS" ioctl in place, and it's probably enough to stop this attack. The problem is no getty uses that ioctl (it might have changed from the last time I checked, though - but I would rather check it again if I had untrusted users). -- Krzysztof Halasa Network Administrator - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/