
Bug#988: Pty allocation: additional info

I forgot to explain the security aspects when seen from the other
side: that the three setuid-root binaries can't be exploited even when
the caller does not follow the recipe.

The worst getpty can do is set tty access to root-only.  If the caller
is persistent, it could do this to all free ptys.  Most programs that
allocate pty/tty pairs won't mind if this happens, since they run as
root anyway.  The ones that don't can use getpty ;-).  The caller
could do far more damage by simply opening all the free pty master

claimpty and releasepty both change the tty permissions for an in-use
pty.  This could be a problem, which is why they both require that the
caller pass an open file descriptor for that pty.  Since a pty can be
opened only once, this guarantees that the caller is the process in
charge of that pty/tty pair.

I'll include this information in the man page if/when I make a getpty

Richard Braakman
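
The descriptor check described for claimpty and releasepty, as an added example that is not part of the original message or of the getpty code: a privileged helper accepts a descriptor only if it is an open pty master and derives the tty path from it instead of trusting a caller-supplied name. The function names, the 0600 mode, and the use of Linux Unix98 ptys (`/dev/ptmx`, `TIOCGPTN`) are assumptions.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical ownership check: accept fd only if it is an open pty master,
 * and derive the slave path from it. Returns 0 on success, -1 otherwise. */
int slave_for_master_fd(int fd, char *slave, size_t len)
{
    struct stat st;
    unsigned int n;
    int r;

    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode))
        return -1;              /* closed fd, regular file, pipe, socket */
    if (ioctl(fd, TIOCGPTN, &n) != 0)
        return -1;              /* character device, but not a pty master */
    r = snprintf(slave, len, "/dev/pts/%u", n);
    if (r < 0 || (size_t)r >= len)
        return -1;              /* path would not fit */
    if (stat(slave, &st) != 0 || !S_ISCHR(st.st_mode))
        return -1;
    return 0;
}

/* Hypothetical claim step: the path comes from the fd, never from the caller. */
int claim_tty(int fd, uid_t real_uid)
{
    char slave[64];

    if (slave_for_master_fd(fd, slave, sizeof slave) != 0)
        return -1;
    if (chown(slave, real_uid, (gid_t)-1) != 0)
        return -1;
    return chmod(slave, 0600);  /* 0600 is an assumed mode for this sketch */
}

int main(void)
{
    char slave[64];
    int fd = open("/dev/ptmx", O_RDWR | O_NOCTTY);  /* we hold the master */

    if (fd >= 0 && slave_for_master_fd(fd, slave, sizeof slave) == 0)
        printf("fd %d controls %s\n", fd, slave);
    printf("stdin accepted as master: %s\n",
           slave_for_master_fd(0, slave, sizeof slave) == 0 ? "yes" : "no");
    return 0;
}
```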
