Date: Tue, 23 Feb 2016 19:41:36 +0300 From: "Dmitry V. Levin" <ldv@...linux.org> To: oss-security@...ts.openwall.com Subject: Re: Access to /dev/pts devices via pt_chown and user namespaces On Tue, Feb 23, 2016 at 07:17:54PM +0300, Solar Designer wrote: > On Tue, Feb 23, 2016 at 12:03:54PM +0000, halfdog wrote: > > Sending content from  also to oss-security as requested last time: > > Thank you. This public disclosure is very late, though. I didn't > realize you were still holding some of your findings on this. > > > With Ubuntu Wily and earlier, /usr/lib/pt_chown was used to change > > ownership of slave pts devices in /dev/pts to the same uid holding the > > master file descriptor for the slave. > > I think pt_chown is only needed for legacy BSD pty's, and no longer > needed for Unix 98 pty's that Linux systems use these days. Perhaps it > should be dropped from upstream glibc by now. Just for the record, pt_chown is not enabled by default in upstream glibc starting with glibc-2.18, one has to specify --enable-pt_chown configure option explicitly to build pt_chown. glibc documentation clearly states that "the use of pt_chown introduces additional security risks to the system and you should enable it only if you understand and accept those risks": https://www.gnu.org/software/libc/manual/html_node/Configuring-and-compiling.html#index-grantpt-1 -- ldv [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ