During a vulnerability assessment I discovered that /dev/console was world readable and world writeable on several IRIX computers. My test case specifically says that this should not be world readable/writeable:
"The console device file can be compromised to intercept root’s commands or password. Therefore, it will not be world readable or writable. Terminal devices for other users can also be compromised and will not be world writable when in use by a user."
However, when changing the permissions on /dev/console to not world readable or world writeable, the system became unuseable. Is there something different about IRIX where /dev/console must be world readable and world writeable?
"The console device file can be compromised to intercept root’s commands or password. Therefore, it will not be world readable or writable. Terminal devices for other users can also be compromised and will not be world writable when in use by a user."
However, when changing the permissions on /dev/console to not world readable or world writeable, the system became unuseable. Is there something different about IRIX where /dev/console must be world readable and world writeable?