Restrict tcsd input to uid root or group tss.
This prevents DOS (or worse) attacks on tcsd by restricting its input to
processes running with UID root or GID tss.
TEST=installed trousers, verified that /var/run/tcsd.socket is
srw-rw---- 1 root tss, and verified that I can still log on.
Reviewed-by: Darren Krahn <email@example.com>
Tested-by: Darren Krahn <firstname.lastname@example.org>
Commit-Ready: Darren Krahn <email@example.com>
1 file changed