Subject: Re: screen in dist
To: NetBSD Userlevel Technical Discussion List <tech-userlevel@NetBSD.org>
From: Greywolf <greywolf@starwolf.com>
List: tech-userlevel
Date: 01/16/2004 11:44:20
Thus spake Greg A. Woods ("GAW> ") sometime Today...


GAW> (Of course screen wouldn't need to run as root if NetBSD had an
GAW> independent and more secure way of granting PTY device file privileges
GAW> without having to make nearly every program that allocates PTYs into a
GAW> setuid-root monster.)

...couldn't systrace alleviate this?

There's been a bit of comment on this topic, actually, by the JOVE crew.
They're looking for ways that ptys can have owners in the shell-windows
without having to fork a portmaster or something.

Is there a way we could do ptmx + /dev/pty.. via something akin to
grantpt() without degenerating into /dev/pts/* notation?

I'm not even sure of the problem; if the kernel keeps track of ptys as
it is, what's the risk to other programs who want ptys by allowing
users to allocate them?  Is it a DoS risk?  It's not really a race
condition; if you go to grab a pty, you should either get it or not and
move on to the next one.

If the kernel ISN'T keeping track of ptys (including ownership), that
would need to be addressed.

The thing that a ptmx device would give us is the ability to open "/dev/ptmx"
and get handed back an fd to a pty, which we can then look up at our leisure
via fd::fstat->st_dev, rather than racing through all the ptys and trying
to open them one by one (which IS a race condition).  (/var/run/dev.db
would be really handy here :).

				--*greywolf;
--
22 Ways to Get Yourself Killed While Watching 'The Lord Of The Rings':

#11: During "The Two Towers," when the Ents decide to march to war,
    stand up and shout "RUN, FOREST, RUN!"
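
The allocation pattern discussed in the message above, as an added example that is not part of the original post: one call hands back a master fd (via the POSIX `posix_openpt()` family rather than a scan of fixed pty names), and the caller then verifies device identity and slave ownership from the fd. The names `alloc_pty` and `struct pty_info` are hypothetical.

```c
#define _XOPEN_SOURCE 600
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Duplicate prototypes keep the build independent of feature-macro/include order. */
int posix_openpt(int); int grantpt(int); int unlockpt(int); char *ptsname(int);

struct pty_info {            /* hypothetical struct for this example */
    int    master_fd;
    char   slave_name[64];
    dev_t  master_rdev;      /* device id read back from the fd itself */
    uid_t  slave_uid;
    mode_t slave_mode;
};

/* Returns 0 on success, -1 on failure; no setuid-root helper is involved. */
int alloc_pty(struct pty_info *out)
{
    struct stat ms, ss;
    const char *name;
    int fd = posix_openpt(O_RDWR | O_NOCTTY);  /* one open, no name scan */
    if (fd < 0) return -1;
    if (grantpt(fd) < 0 || unlockpt(fd) < 0) goto fail;
    name = ptsname(fd);
    if (name == NULL || strlen(name) >= sizeof out->slave_name) goto fail;
    if (fstat(fd, &ms) < 0 || stat(name, &ss) < 0) goto fail;
    /* Refuse a slave we do not own or that is not a character device. */
    if (ss.st_uid != getuid() || !S_ISCHR(ss.st_mode)) goto fail;
    out->master_fd = fd;
    strcpy(out->slave_name, name);
    out->master_rdev = ms.st_rdev;   /* st_rdev identifies the device node */
    out->slave_uid = ss.st_uid;
    out->slave_mode = ss.st_mode;
    return 0;
fail:
    close(fd);
    return -1;
}

int main(void)
{
    struct pty_info p;
    if (alloc_pty(&p) != 0) { fputs("pty allocation failed\n", stderr); return 1; }
    printf("slave %s uid=%ld mode=%04o\n", p.slave_name, (long)p.slave_uid,
           (unsigned)(p.slave_mode & 07777));
    return close(p.master_fd);
}
```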