It would be nice if one would know whom you are replying to.

the person in the To: line of course.
   
   mrg@eterna.com.au (matthew green) writes:
   >this is exactly what does *not* happen now.  what happens now is:
   
   >	- if you are root, you can do it.
   >	- if you are not root, you can only do it iff UCONSOLE.
   
   That's from a kernel POV.  From a user's POV w/o UCONSOLE xconsole doesn't
   work but "xterm -C" does.  This is nonsensical to me.

that's because xterm is setuid root and xconsole is not.  setuid
xconsole also `works' and i used this for a short while until i
decided i didn't want to :)
   
   >this is also exactly what *should* happen.  did you not read
   >what i posted? :-)
   
   a) it is utterly unclear to me that that is what *should* happen.
   b) frankly, I couldn't find more from you then what happens know and vague
   allusions that you are "investigating this".

this is what i wrote.  the above was a reply to a reply to this.

   the problem here is that there is no clean way to find out
   the owner of /dev/console from within the kernel.  ideally
   TIOCCONS should be limited to root and this user.  this is
   something i tried to solve about 5 years ago but failed.

   (perhaps it should also be based on the permissions of
   /dev/console -- world writable, and anyone can have it).


my feeling on this is that anyone with read access on
/dev/console should be able to do a TIOCCONS.