[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: openpty: limits for name
On Thu, Jul 12, 2012 at 12:13:18PM +0200, Thomas Klausner wrote:
> A Linux man page I found for openpty says:
> Nobody knows how much space should be reserved for name. So,
> calling openpty() or forkpty() with non-NULL name may not be secure.
> Our man page is silent on that.
> The code in libutil/pty.c just does:
> if (name)
> (void)strcpy(name, linep);
> I wonder if we (can and) want to promise a limit in the man page, or
> just add a comment like the one in the Linux man page.
Well, "nobody knows how much space to use" is a long form of "do not
use this interface", so unless we want to join the Linux world in
deprecating these calls in favor of open-coding the logic and calling
grantpt(), it should be defined and documented.
it is probably also worth getting the change into all the BSDs.
David A. Holland
Main Index |
Thread Index |