NetBSD Problem Report #21026

Received: (qmail 21340 invoked by uid 605); 5 Apr 2003 12:37:38 -0000
Message-Id: <20030405120734.E26461132C@narn.netbsd.org>
Date: Sat,  5 Apr 2003 04:07:34 -0800 (PST)
From: kavron@xs4all.nl
Sender: gnats-bugs-owner@netbsd.org
Reply-To: kavron@xs4all.nl
To: gnats-bugs@gnats.netbsd.org
Subject: XFree86 on execution before getting the X windows system shows output from console user
X-Send-Pr-Version: www-1.0

>Number:         21026
>Category:       xsrc
>Synopsis:       XFree86 on execution before getting the X windows system shows output from console user
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    xsrc-manager
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Apr 05 12:38:00 +0000 2003
>Closed-Date:    Sat Apr 05 12:42:22 +0000 2003
>Last-Modified:  Sat Apr 05 12:42:22 +0000 2003
>Originator:     Jorge
>Release:        NetBSD 1.6Q
>Organization:
>Environment:
NetBSD ws1 1.6Q NetBSD 1.6Q (VVZ) #15: Fri Apr  4 21:49:37 CEST 2003  kavron@ws1:/usr/src/sys/arch/i386/compile/VVZ i386

>Description:
Default binary snapshot (1.6P) installation as well an upgrade to 1.6Q,after starting the X Window (startx) it's lagging two - three seconds 
before you get in front tty5 with the X Window on your screen. In those two - three seconds you see output from tty1 (console by default), I don't 
know if it can be considered insecure, but don't think it's a clean design. Supposing as user you executed X from tty2 and root is on tty1 you 
see output from root as well if you're quick enough you can run commands from tty1 while X is still starting.

I don't know as I said if it's important, because if you can start X local 
from your pc you also can see tty1 with alt + F1. But don't think it's clean the design.
>How-To-Repeat:
login as a user, example root on tty1 (console)... as another user on tty2 
and run X from tty2, you'll see output from user root and can input anything while lagging to start X.
>Fix:

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: tron 
State-Changed-When: Sat Apr 5 04:41:41 PST 2003 
State-Changed-Why:  
There is no security problem here. An user using the console could switch 
to the virtual console with the root shell on it anyway. I can't remember 
right now why it is necessary to switch to tty1 but there is a technial 
reason for it. 
>Unformatted:

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.