Bad security in Fedora? /dev/tty with 666 permissions

Major question here.

I boot my Fedora up, and I see my /dev/tty device is with 666 permissions, meaning any user gets to use my character device without restriction. But what’s interesting the other ttys are all with rw–w–w- permissions. And I end up somehow using tty2 for the gnome session, and everything works ok. And I even chmod 000 /dev/tty, and everything works fine.

So what is this world-writeable stuff on the main tty?

/dev/tty is kind of magic. It is connected to whichever tty device used by your current gnome-terminal session. You can use the command tty to see which that is. For example

$ tty
/dev/pts/0
$ 

Open another gnome-terminal you will get /dev/pts/1, /dev/pts/2, and so on. When opening a graphical session on a terminal, X11 or Wayland will take over control of the keyboard and display, and the original /dev/tty? device is no longer in control of the keyboard or display.

That your tty device (/dev/pts/0, etc) is writable by others have something to do with the wall command, and it can be changed using the mesg command. These are historic relic from early unix systems which did not use graphical session.

2 Likes