This is a multi-part message in MIME format.
--------------67880288E8BD185716A61B21
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

In the moment, konsole offers a security hole that allows local users to
hijack/monitor the (root) sessions. The regular method to protect
against this, is to do a chmod/chown on one of the devices within the
emulation. Doing so would require konsole to be run root/suid, which
raises more severe problems then it solves. Because i strongly dislike
root/suid programs for many reasons, I've digged out an ioctl for Linux
which does as desired, basically for the price of the solution not being
portable to other UNIXes, eventually.

Comments, anyone?

  Lars


--------------67880288E8BD185716A61B21
Content-Type: text/plain; charset=us-ascii; name="secure.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="secure.patch"

--- TEShell.C.ori	Mon Dec 21 01:16:00 1998
+++ TEShell.C	Sun Dec 27 17:18:35 1998
@@ -35,6 +35,7 @@
 #include <termios.h>
 #include <fcntl.h>
 #include <unistd.h>
+#include <asm/asm-i386/ioctls.h>
 #include <sys/ioctl.h>
 #include <grp.h>
 #include "../../config.h"
@@ -88,6 +89,7 @@
   emit done(status);
 }
 
+
 int Shell::run(QStrList & args, const char* term)
 {
   pid_t comm_pid = fork();
@@ -109,7 +111,7 @@
  
   // Don't know why, but his is vital for SIGHUP to find the child.
   // Could be, we get rid of the controling terminal by this.
-  for (int i = 0; i < getdtablesize(); i++) if (i != tt) close(i);
+  for (int i = 0; i < getdtablesize(); i++) if (i != tt && i != fd) close(i);
 
   dup2(tt,fileno(stdin));
   dup2(tt,fileno(stdout));
@@ -133,6 +135,11 @@
   setpgid(0,0);                        // is not noticeable with all
   close(open(dev, O_WRONLY, 0));       // clients (bash,vi). Because bash
   setpgid(0,0);                        // heals this, use '-e' to test it.
+
+  int flag = 1;
+  if (ioctl(fd,TIOCSPTLCK,&flag))      // prohibit opening tty from now on
+    perror("cannot set secure");
+  close(fd);
   
   // drop privileges
   setuid(getuid()); setgid(getgid());
@@ -186,6 +193,7 @@
   }
   if (ptyfd < 0) { fprintf(stderr,"Can't open a pseudo teletype\n"); exit(1); }
   fcntl(ptyfd,F_SETFL,O_NDELAY);
+printf("using: %s <-> %s\n",ptynam,ttynam);
 
   return ptyfd;
 }

--------------67880288E8BD185716A61B21--