On Fri, Nov 22, 2024 at 12:13:56PM +0100, Santiago Vila wrote: > > Well, I'm not happy about the way mesg and write have been removed. > > > > Is not the case that "mesg n" also disables talk? If yes, maybe > > a better idea would have been to remove write but not mesg. > > > > Also: What would happen if a user takes the write program > > from an old Debian release and put it in their $HOME. Would it > > work as normal, or would it need some special capability? > > > > If it would work as normal, then users would still need "mesg n" > > to disable incoming messages. > > > > So: Can we rethink the details of this removal? > > Well, I see there is a setting in /etc/login.defs which would > make "mesg n" unnecessary by default (the file also explains > how it works, it's not a capability but a group ownership). > > So in theory, we could have been dropped the "mesg n" from .profile > in bookworm (if we wanted) regardless of mesg being removed from > util-linux. Is this right?
If it were that easy. In bookworm (and I think even older), terminals that ran login(1) got permission 0600 by default. Pseudo-terminals that do not run login(1) still get 0620 by default. > In either case, I still don't see the point in removing > this from util-linux. Sure that nobody uses it these days, > but is there a real need to remove it? I think it would be > better to follow upstream here. In bookworm we disabled write by default, by removing its setgid bit. This was done because writing to someone else's terminal is a security nightmare (as upstream discovered), and is a legacy facility that hopefully nobody uses anymore. We're keeping wall, because 1) if run as root there is no security issue, 2) if run as the same user, there is no security issue. Sysadmins can obviously always install their own programs as setgid tty (or an old copy of write), and reintroduce these problems, but at least it's not -us- doing that. Upstream will unlikely ever drop anything from util-linux, but out of the discussion with upstream and security-team it's clear the direction to go is to drop these facilities. Regarding talk: I need to check what that does exactly, but I'll note it is orphaned, and IMO can just go away too. The default-permissions on pts devices can be thought over, but as no ordinary users should be member of the "tty" group (it seems that would be disastrous), it also should not matter much. Chris
