Source-Changes-D archive


Re: CVS commit: src/etc



On Sep 7,  9:20pm, tsutsui%ceres.dti.ne.jp@localhost (Izumi Tsutsui) wrote:
-- Subject: Re: CVS commit: src/etc

| > Easier maybe, but we do not really want those device nodes on typical /dev
| > filesystems (at least that was my understanding).
| 
| - What's the actual benefits on removing those device nodes on /dev?
|   Is it more important than possible fallouts in install materials?

When ptyfs is mounted the pty nodes in ptyfs are used and not the entries
in /dev. The entries in /dev have the same major and minor numbers and they
are not chowned chmod'ed appropriately (they are world readable and writable).
So anyone can spy on you (fortunately TIOCSTI is limited to the superuser
so random people cannot write to your terminal). This is a security issue.
The old pty allocation code required superuser access to chown/chmod the
tty device nodes.

| - If we are going to remove compat pty nodes completely,
|   why don't we also update all install stuff not implicitly
|   using those node, i.e. shouldn't we change all install media
|   to have mount_ptyfs(8) and explicitly mount /dev/pts in /.profile
|   or /etc/rc scripts?

We could do that, the ptyfs code is pretty small. I don't think it is a good
idea to do this for -6. But the postinstall code removes the pty nodes, so
there should be no security problem. If we do that, we can remove the
COMPAT_BSDPTY code and there will be no size difference.

| Current situation (fixing only MAKEDEV) seems quite inconsistent for me.
| 
| > > We had to fix src/distrib/sparc/miniroot/Makefile.inc recently, and now
| > > we might also have to fix src/distrib/common/bootimage/Makefile.bootimage
| > > (though it fortunately works since MD MAKEDEV.conf of amd64/i386 have "ipty"
| > > in target "all" and no other ports have installimage).
| > 
| > I should have used ipty instead of opty. IMHO it is a bug that x86 md_all
| > includes it - we should fix that and then, of course, fix Makefile.bootimage -
| > it probably should just use "init".
| 
| No, Makefile.bootimage is shared by both liveimages and installimages,
| so if the "all" target in MI MAKEDEV.conf doesn't handle "all" default
| environments including installation stuff, we have to add an extra
| variable to switch an arg passed to MAKEDEV script.
| 
| If all people claim that's the right thing I can fix it so,
| but I don't see particular advantage on it over adding compat ipty
| to MI "all" target since we don't have enough man power.

Perhaps for head the solution is to bite the bullet and have the install
media mount ptyfs.

christos
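
A check for the condition described in the message above (compat pty nodes left in /dev with world read/write permissions), as an added example that is not part of the original thread or of NetBSD's postinstall. The function names are hypothetical, and the node naming pattern is an assumption based on traditional BSD pty names.

```shell
#!/bin/sh
# Added example: list legacy BSD pty nodes in a /dev directory that any user
# can open. Nodes under a mounted ptyfs (/dev/pts) are not examined.
# Assumption: compat nodes use the traditional names [pt]ty[p-zP-T][0-9a-zA-Z]
# (ptyp0, ttyp0, ...). Adjust the patterns if your MAKEDEV differs.
LC_ALL=C
export LC_ALL

# is_exposed_compat_pty NAME MODE
# NAME is the node's basename, MODE the first column of `ls -l` (crw-rw-rw-).
# Succeeds only for a character device with a legacy pty name whose "other"
# read or write bit is set.
is_exposed_compat_pty() {
    case $1 in
        [pt]ty[p-zP-T][0-9a-zA-Z]) ;;
        *) return 1 ;;
    esac
    case $2 in
        c??????r??*|c???????w?*) return 0 ;;
        *) return 1 ;;
    esac
}

# list_exposed_ptys [DIR]
# Prints "MODE PATH" for every exposed compat pty node directly inside DIR.
list_exposed_ptys() {
    dir=${1:-/dev}
    for node in "$dir"/[pt]ty[p-zP-T][0-9a-zA-Z]; do
        [ -e "$node" ] || continue      # an unmatched glob stays literal
        mode=$(ls -ld "$node" | cut -c1-10)
        if is_exposed_compat_pty "${node##*/}" "$mode"; then
            printf '%s %s\n' "$mode" "$node"
        fi
    done
    return 0
}

list_exposed_ptys /dev
```

Any line printed is a node that should be removed or have its permissions tightened when ptyfs is in use.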

