From owner-freebsd-audit  Sat Jan 20  2:48:15 2001
Delivered-To: freebsd-audit@freebsd.org
Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.189])
	by hub.freebsd.org (Postfix) with SMTP id 2DA6937B400
	for <audit@FreeBSD.org>; Sat, 20 Jan 2001 02:46:59 -0800 (PST)
Received: (qmail 997 invoked by uid 1000); 20 Jan 2001 10:45:30 -0000
Date: Sat, 20 Jan 2001 12:45:30 +0200
From: Peter Pentchev <roam@orbitel.bg>
To: Kris Kennaway <kris@FreeBSD.org>
Cc: audit@FreeBSD.org
Subject: Re: openpty(8) helper app
Message-ID: <20010120124530.A332@ringworld.oblivion.bg>
Mail-Followup-To: Kris Kennaway <kris@FreeBSD.org>, audit@FreeBSD.org
References: <20010120011948.A37806@citusc17.usc.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20010120011948.A37806@citusc17.usc.edu>; from kris@FreeBSD.org on Sat, Jan 20, 2001 at 01:19:48AM -0800
Sender: owner-freebsd-audit@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, Jan 20, 2001 at 01:19:48AM -0800, Kris Kennaway wrote:
> For a long time now I've been wanting to fix openpty(3) to work
> correctly for non-root users, i.e. to change the ownership and file
> permissions so that it is secure for non-root callers (presently it's
> a big security hole than ptys obtained will still be world
> readable/writable, so applications cannot use them securely).
> 
> Then I discovered bin/9770, which is a solution to this problem which
> has existed for almost 2 years :-)
> 
> Here's the patch - please review carefully:
> 
> Kris
> 
[snip]
> diff -u -r1.10 pty.c
> --- lib/libutil/pty.c	1999/08/28 00:05:51	1.10
> +++ lib/libutil/pty.c	2001/01/20 08:49:27
> @@ -43,16 +43,61 @@
>  #include <sys/types.h>
>  #include <sys/ioctl.h>
>  #include <sys/stat.h>
> +#include <sys/wait.h>
>  
>  #include <errno.h>
>  #include <fcntl.h>
>  #include <grp.h>
> +#include <signal.h>
>  #include <stdlib.h>
>  #include <string.h>
>  #include <termios.h>
> +#include <time.h>
>  #include <unistd.h>
>  #include <libutil.h>
>  
> +#ifndef _PATH_TTYMODE
> +#define _PATH_TTYMODE "/usr/libexec/ttymode"
> +#define NAME_TTYMODE "ttymode"
> +#endif

Shouldn't _PATH_TTYMODE be also defined in /usr/include/paths.h?

G'luck,
Peter

-- 
Nostalgia ain't what it used to be.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-audit" in the body of the message