Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754738AbcDJAQx (ORCPT ); Sat, 9 Apr 2016 20:16:53 -0400 Received: from mail-io0-f194.google.com ([209.85.223.194]:36782 "EHLO mail-io0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752298AbcDJAQw (ORCPT ); Sat, 9 Apr 2016 20:16:52 -0400 MIME-Version: 1.0 In-Reply-To: References: <878u0s3orx.fsf_-_@x220.int.ebiederm.org> <1459819769-30387-1-git-send-email-ebiederm@xmission.com> <87twjcorwg.fsf@x220.int.ebiederm.org> <20160409140909.42315e6d@lxorguk.ukuu.org.uk> <83FE8CD2-C0A2-4ADB-AEBD-8DD89AD4F88A@zytor.com> <87bn5ij0x1.fsf@x220.int.ebiederm.org> <78205895-E11D-417F-91DC-4BCA0B61A122@zytor.com> Date: Sat, 9 Apr 2016 17:16:51 -0700 X-Google-Sender-Auth: LweE0I4yiqYVPuWEGLhmOz6Pmcw Message-ID: Subject: Re: [PATCH 01/13] devpts: Teach /dev/ptmx to find the associated devpts via path lookup From: Linus Torvalds To: "H. Peter Anvin" Cc: "Eric W. Biederman" , One Thousand Gnomes , Peter Hurley , Greg KH , Jiri Slaby , Aurelien Jarno , Andy Lutomirski , Florian Weimer , Al Viro , Serge Hallyn , Jann Horn , "security@kernel.org" , "security@ubuntu.com >> security" , security@debian.org, Willy Tarreau , Linux Kernel Mailing List Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1682 Lines: 39 On Sat, Apr 9, 2016 at 5:06 PM, H. Peter Anvin wrote: > > Fixing the default permissions is trivial, of course. The intent from the beginning was to make a ptmx -> pts/ptmx, but user space never did... That wasn't my point. Because the permissions have never been usable, I pretty much guarantee that no current user space uses /dev/pts/ptmx. So that node is almost entirely irrelevant. Us fixing the permissions at this point isn't going to make it any more relevant, we might as well ignore it. Which all means that the way forward really is to just make /dev/ptmx work. It's not going away, and it _is_ fairly easy to fix. But I don't think the fix should care about permissions - and we might as well leave the existing pts/ptmx node with broken permissions. Because we've never been actually interested in looking up /dev/pts/ptmx - all we actually care about is to look up which devpts instance it is. And that's not about the ptmx node, that's really about the mount-point. So the right thing to do - conceptually - is *literally* to just say "ok, what is mounted at 'pts'". Note how at no point do we want to _open_ anything. That's why I said that conceptually we could just open /proc/mounts. Because *that* is really the operation we care about. We don't care about lookup, and we don't care about permissions on the ptmx node. Those are completely and utterly irrelevant to what we're actually after. So I think the permission thing is not just extra code with more failure points. I think it's conceptually entirely the wrong thing to do, and just confuses people into thinking that we're doing something that we aren't. Linus