Subject: Re: pty allocation (Re: default /dev/tty* mode and ownership )
To: None <tech-userlevel@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: tech-userlevel
Date: 07/29/2001 10:45:00
[ On Sunday, July 29, 2001 at 10:14:14 (-0400), Michael Richardson wrote: ]
> Subject: pty allocation (Re: default /dev/tty* mode and ownership )
>
>   D. Hugh Redelmeier (sometimes maintainer of Jove, current Linux FreeSWAN
> pluto maintainer) pointed out to me last night at a party that there was no
> race-condition free way for a non-root process (e.g. Jove, emacs, screen,
> expect) to allocate a pty, since non-root can't chown() it, and thus can not
> call revoke(2).
> 
>   DHR suggests that openpty(3) could invoke a setuid helper program like it
> does on SVR4 to do this. My thought is that we should really have /dev/pts 
> or some such that does the allocation, and does the chown() automatically.

Yes, I've talked to Hugh on many occasions about these problems.

I'm not sure the UNIX SysVr4 approach is best, but it is quite common.
I think he'd be happy with API compatibility, though it would be nice to
have full low-level implementation compatibility too for those programs
that roll their own PTY allocator instead of using the system one.  Last
I talked to him he seemed happy enough with the API defined by SUSv2
(and/or UNIX98).

It may be safer to do the allocation in a driver if for no other reason
than it'll prevent more people from breaking any user-land
implementation!  ;-)

Doing something about this has been so low on my personal priority list
though that I've punted on the issue so far....

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>     <woods@robohack.ca>
Planix, Inc. <woods@planix.com>;   Secrets of the Weird <woods@weird.com>
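
An added example, not part of the original message: allocating a pty without root through the grantpt()/unlockpt()/ptsname() interface referred to above as the SUSv2/UNIX98 API. The system, not the caller, sets the slave's owner and mode, and the slave stays locked until unlockpt(), so the caller never needs chown() or revoke(2). Assumptions: posix_openpt() (a later POSIX addition) is used to open the master, and `struct pty_pair` and `pty_alloc` are hypothetical names.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Declared explicitly so this builds whatever feature-test macros are set. */
int posix_openpt(int); int grantpt(int); int unlockpt(int); char *ptsname(int);

struct pty_pair {
    int master, slave;
    char name[128];      /* slave path reported by ptsname() */
    int owned_by_us;     /* slave st_uid equals our real uid */
    int closed_to_other; /* no read/write bits for "other" */
};

/* Returns 0 on success; on failure returns -1 with both descriptors closed. */
int pty_alloc(struct pty_pair *p)
{
    struct stat st;
    const char *n;
    memset(p, 0, sizeof *p);
    p->slave = -1;
    if ((p->master = posix_openpt(O_RDWR | O_NOCTTY)) < 0)
        return -1;
    /* The system sets owner and mode; the slave stays locked until unlockpt(). */
    if (grantpt(p->master) != 0 || unlockpt(p->master) != 0)
        goto fail;
    if ((n = ptsname(p->master)) == NULL || strlen(n) >= sizeof p->name)
        goto fail;
    strcpy(p->name, n);
    p->slave = open(p->name, O_RDWR | O_NOCTTY);
    /* Inspect the descriptor we hold, not the path. */
    if (p->slave < 0 || fstat(p->slave, &st) != 0)
        goto fail;
    p->owned_by_us = (st.st_uid == getuid());
    p->closed_to_other = (st.st_mode & (S_IROTH | S_IWOTH)) == 0;
    return 0;
fail:
    if (p->slave >= 0) close(p->slave);
    close(p->master);
    return -1;
}

int main(void)
{
    struct pty_pair p;
    if (pty_alloc(&p) != 0) { perror("pty_alloc"); return 1; }
    return printf("%s owner_ok=%d other_closed=%d\n", p.name, p.owned_by_us, p.closed_to_other) < 0;
}
```

A caller that cares about the ownership problem discussed in this thread should refuse to use the pair when `owned_by_us` or `closed_to_other` is 0.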