On Jun 18, 10:52pm, mrg@eterna.com.au (matthew green) wrote:
-- Subject: re: CVS commit: src/lib/libutil

| it is.  but it's an old security issue we've had forever.  right now
| openpty() _IS_ failing for people who install a new xterm without a
| new kernel (which is always a valid option IMO.)  programs while about
| it when there is a problem - i don't see that it's so bad that we need
| to reject it.
| 
| ie, it's up to the caller to decide.  right now you're going to break
| systems missing "ptm" from being able to use "xterm" at all, right?

Yes, since xterm is not setuid anymore. I can change it to a warn I guess
for now.

| secure is a locked fireproof safe at the bottom of the ocean? :)
| 
|    Oh, and I am trying to figure out how to make ptm mandatory, but how do
|    you do this without putting pseudo-device ptm in sys/conf/files? And then
|    how can you avoid having it if you don't want to?
| 
| heh.  shouldn't this be as easy as fixing the #ifdef NPTM (which
| should be "#if NPTM" anyway!!) to be #ifndef PTY_NO_PTM?

I'll try that, thanks.

christos