[PATCH] ioctl_tty.2: add TIOCGPTPEER documentation
Aleksa Sarai
asarai at suse.de
Wed Aug 16 04:43:29 UTC 2017
> I've applied this patch, and then tweaked the wording a little. Could
> you please check the following text:
>
> TIOCGPTPEER int flags
> (since Linux 4.13) Given a file descriptor in fd that
> refers to a pseudoterminal master, open (with the given
> open(2)-style flags) and return a new file descriptor that
> refers to the peer pseudoterminal slave device. This oper‐
> ation can be performed regardless of whether the pathname
> of the slave device is accessible through the calling
> process's mount namespaces.
>
> Security-conscious programs interacting with namespaces may
> wish to use this operation rather than open(2) with the
> pathname returned by ptsname(3), and similar library func‐
> tions that have insecure APIs.
Yup, that sounds good.
> I also have a question on the last sentence: what are the "similar library
> functions that have insecure APIs"? It's not clear to me what you are
> referring to here.
There are a few posix_-style functions provided by glibc that are just
wrappers around the open+ptsname combo that I mention earlier in the
sentence (and thus are vulnerable to the same issue). But if you feel
it's confusing you can feel free to drop it.
Thanks.
--
Aleksa Sarai
Software Engineer (Containers)
SUSE Linux GmbH
https://www.cyphar.com/
More information about the Containers
mailing list