Remote write daemon

(linux implementation)

Remote write daemon (writed in following text) implements remote write protocol, which allows remote users and system daemons to write on user's console in usable way. Writed allows remote user to specify terminal by placing ttyXX%username at the first line (look into protocol for details).

Installation

You need to be root to properly install writed. You need to:

Features

Writed allows users to create their own 'filter' to incoming messages. Such filter should be put into $HOME/.ttywrite and made executable. When any write comes, and such file exists in target user's home, data that would normally go on user's screen go at stdin of .ttywrite. Stdout of .ttywrite is redirected to 'best' tty (tty writed would write at).

Security

Writed should be ran from inetd with uid.gid set to nobody.tty, so it should not be critical for system's security. If it detects it is being run as root it refuses to run (as this might be pretty risky for target system). Anyway, some attetion has been given not to make common mistake and give remote user way to run his code. (Local users can easily run code as nobody, but they could probably do that anyway using cgi-scripts or something similar.) No attempts are made to identify incoming connection using ident service, so do not believe 'From:' field too much.

.ttywrite is run with nobody's privileges, but not with group set to tty - so group tty should not be compromissed by this.

Where to get it

Currently nowhere, if you are asking for complete distribution. Copy of directory where I'm forking on forum is readable by world.


Pavel Machek
pavel@atrey.karlin.mff.cuni.cz