From 20ac4e44d190c632e7eb7b57c91b9bc1221d865e Mon Sep 17 00:00:00 2001
From: Andreas Kling <awesomekling@gmail.com>
Date: Sat, 4 Jan 2020 12:40:12 +0100
Subject: [PATCH] Base: Add "tty" group and make /dev/tty* be root:tty mode 610

This fixes an issue where anyone could snoop on the virtual consoles.
---
 Base/etc/group                  | 1 +
 Kernel/build-root-filesystem.sh | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/Base/etc/group b/Base/etc/group
index ac450806e32..07e4f4b8a45 100644
--- a/Base/etc/group
+++ b/Base/etc/group
@@ -1,3 +1,4 @@
 root:x:0:
 wheel:x:1:anon
+tty:x:2:
 users:x:100:anon
diff --git a/Kernel/build-root-filesystem.sh b/Kernel/build-root-filesystem.sh
index 1c5f1dc2679..ef9aca24414 100755
--- a/Kernel/build-root-filesystem.sh
+++ b/Kernel/build-root-filesystem.sh
@@ -34,6 +34,10 @@ mknod mnt/dev/ttyS0 c 4 64
 mknod mnt/dev/ttyS1 c 4 65
 mknod mnt/dev/ttyS2 c 4 66
 mknod mnt/dev/ttyS3 c 4 67
+for tty in 0 1 2 3 S0 S1 S2 S3; do
+    chmod 620 mnt/dev/tty$tty
+    chown 0:2 mnt/dev/tty$tty
+done
 mknod mnt/dev/random c 1 8
 mknod mnt/dev/null c 1 3
 mknod mnt/dev/zero c 1 5