Patch-ID#  100187-01
Keywords: TIOCCONS
Synopsis: SunOS 4.1& 4.1_PSR_A: TIOCCONS redirection is a security violation
Date: 15/Dec/90
 
SunOS release: 4.1
 
Unbundled Product:
 
Unbundled Release:
 
Topic: 
 
BugId's fixed with this patch: 1008324

Architectures for which this patch is available: sun3 sun3x sun4 sun4c
                                                 sun4-490_4.1_PSR_A 

Patches which may conflict with this patch:

Obsoleted by: Next major release of SunOS

Problem Description: TIOCCONS can be used to re-direct console output/input
                     away from "console"

Patch contains kernel object modules for:

/sys/sun?/OBJ/cons.o
/sys/sun?/OBJ/zs_async.o
/sys/sun?/OBJ/mcp_async.o
/sys/sun?/OBJ/mti.o

Where sun? is one of sun4, sun4c, sun3, sun3x, sun4/490-4.1_PSR_A

NOTE: The sun4c does not use mti.o nor mcp_async.o since this architecture does not
      have VME slots and therefore cannot use the ALM-2 Asynchronous Line Multiplexer
      or Systech MTI-800/1600. So those modules are not needed.

      
The fix consists of adding permission checking to setcons, the routine
that does the work of console redirection, and changing its callers to
supply additional information required for the check and to see whether
or not the check succeeded.  Setcons now uses uid and gid information
supplied to it as new arguments to perform a VOP_ACCESS call for VREAD
permission on the console.  If the caller doesn't have permission to
read from the console, setcons rejects the redirection attempt.


INSTALL:

AS ROOT:
save aside the object modules from the FCS tapes as a precaution:

# mv /sys/sun?/OBJ/cons.o /sys/sun?/OBJ/cons.o.orig
# mv /sys/sun?/OBJ/tty_pty.o /sys/sun?/OBJ/tty_pty.o.orig
# mv /sys/sun?/OBJ/zs_async.o /sys/sun?/OBJ/zs_async.o.orig
# mv /sys/sun?/OBJ/mcp_async.o /sys/sun?/OBJ/mcp_async.o.orig
# mv /sys/sun?/OBJ/mti.o /sys/sun?/OBJ/mti.o.orig

copy the new ".o" files to the OBJ directory:

# cp sun?/*.o /sys/sun?/OBJ/

build and install a new kernel:
rerun /etc/config <kernel-name> and do a "make" for the new kernel
Please refer to the System and Network Administration Manual for details
on how to configure and install a custom kernel.

