Restrict tcsd input to uid root or group tss.

This prevents DOS (or worse) attacks on tcsd by restricting its input to
processes running with UID root or GID tss.

TEST=installed trousers, verified that /var/run/tcsd.socket is
srw-rw---- 1 root tss, and verified that I can still log on.

Change-Id: I01824ca893ff2172833a9a9b1b98444269356764
Reviewed-by: Darren Krahn <>
Tested-by: Darren Krahn <>
Commit-Ready: Darren Krahn <>
1 file changed