Subject: re: CVS commit: src/lib/libutil
To: Christos Zoulas <christos@zoulas.com>
From: matthew green <mrg@eterna.com.au>
List: source-changes
Date: 06/18/2004 22:52:38
   On Jun 18,  1:17pm, mrg@eterna.com.au (matthew green) wrote:
   -- Subject: re: CVS commit: src/lib/libutil
   
   |    
   |    Modified Files:
   |    	src/lib/libutil: openpty.3 pty.c
   |    
   |    Log Message:
   |    Don't allow openpty to succeed if the caller is non-superuser.
   | 
   | 
   | i'm not sure this is the right thing to do.  why make this change?
   
   It is a security issue, isn't it, to have a pty that others can read/write to?

it is.  but it's an old security issue we've had forever.  right now
openpty() _IS_ failing for people who install a new xterm without a
new kernel (which is always a valid option IMO.)  programs whine about
it when there is a problem - i don't see that it's so bad that we need
to reject it.

i.e., it's up to the caller to decide.  right now you're going to break
systems missing "ptm" from being able to use "xterm" at all, right?

secure is a locked fireproof safe at the bottom of the ocean? :)

   Oh, and I am trying to figure out how to make ptm mandatory, but how do
   you do this without putting pseudo-device ptm in sys/conf/files? And then
   how can you avoid having it if you don't want to?

heh.  shouldn't this be as easy as fixing the #ifdef NPTM (which
should be "#if NPTM" anyway!!) to be #ifndef PTY_NO_PTM?
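The "up to the caller to decide" position above, together with the concern about a pty that others can read/write, amounts to a caller-side check after allocation. The following is an added example, not code from this thread or from NetBSD's libutil: it allocates the pty through the portable posix_openpt(3)/grantpt/unlockpt sequence (assumed here in place of openpty(3), which is what the xterm case would call), then fstat()s the slave and reports ownership and mode findings for the caller to judge; the temp-file helper is constructed only to exercise the check without a terminal.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Findings on a freshly allocated pty slave; the caller decides which are
 * acceptable (a 0620 root:tty slave, for instance, is a normal setup). */
enum { PTY_OK = 0, PTY_WRONG_OWNER = 1, PTY_WORLD_ACCESS = 2, PTY_GROUP_WRITE = 4 };

/* fstat the node behind fd: owner must be `owner` and nobody else should be
 * able to read or write it.  Returns a bitmask of findings, -1 if fstat fails. */
int pty_check(int fd, uid_t owner) {
    struct stat st;
    int flags = PTY_OK;
    if (fstat(fd, &st) == -1) return -1;
    if (st.st_uid != owner) flags |= PTY_WRONG_OWNER;
    if (st.st_mode & S_IRWXO)   /* others may read or write */
        flags |= PTY_WORLD_ACCESS;
    if (st.st_mode & S_IWGRP)   /* group (usually "tty") may write */
        flags |= PTY_GROUP_WRITE;
    return flags;
}

/* Run pty_check on a constructed temp file chmod'ed to `mode`; the check
 * only looks at ownership and mode, so any descriptor exercises it. */
int check_mode_of_tempfile(mode_t mode, uid_t owner) {
    char path[] = "/tmp/ptycheckXXXXXX";
    int fd = mkstemp(path), r = -1;
    if (fd == -1) return -1;
    unlink(path);
    if (fchmod(fd, mode) == 0) r = pty_check(fd, owner);
    close(fd);
    return r;
}

/* Demo: allocate a pty via the cloning master (posix_openpt is the portable
 * counterpart of the ptm device), then let the caller judge the slave. */
int main(void) {
    int master = posix_openpt(O_RDWR | O_NOCTTY), slave = -1, r;
    if (master == -1 || grantpt(master) == -1 || unlockpt(master) == -1 ||
        (slave = open(ptsname(master), O_RDWR | O_NOCTTY)) == -1) {
        perror("pty allocation");
        return 1;
    }
    r = pty_check(slave, getuid());
    printf("%s: findings=%d\n", ptsname(master), r);
    return (r == -1 || (r & (PTY_WRONG_OWNER | PTY_WORLD_ACCESS))) ? 1 : 0;
}
```

After a successful openpty() the same pty_check() call goes on the returned slave descriptor; the program, not the library, then decides whether a wrong owner or world access is a reason to refuse the pty.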