Amendments to pconsole fast-track [PSARC/2009/275 FastTrack timeout 05/08/2009]
Nicolas Williams
Nicolas.Williams at sun.com
Tue May 5 09:31:45 PDT 2009
On Tue, May 05, 2009 at 11:09:18AM -0500, Nicolas Williams wrote:
> Here's a question: can you cause pconsole to accidentally
> clobber some other user's pty?
I've looked at the source. pconsole does an open() of a given device
with O_RDWR and adds it to its list only if that succeeds, and it does
not re-open the device. So I _think_ it's safe. Note that if you give
pconsole a privilege rather than letting it run as root then you'll need
to change pconsole to be privilege aware and to use setppriv(2) to
switch between having privileges and not.
Still, one ought to look at classic tools like xkibitz for how to do
this the right way. The fundamental problem here is that pconsole wants
to let you start each connection in a terminal of your choosing (xterm,
rxvt, whatever), and those terminals will manage a pty entirely on their
own, which cuts pconsole out of the loop, which is why it wants that
privilege.
Now, one possibility is that pconsole ought not need any privilege at
all -- that strioctl()/secpolicy_sti() should allow this ioctl when the
caller a) owns the pty and b) has PRIV_PROC_SESSION. After all, the
caller could just debug the terminal process to insert the desired
characters into the pty master...
Nico
--
More information about the opensolaris-arc
mailing list