Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S933363AbcDSVAO (ORCPT <rfc822;w@1wt.eu>);
	Tue, 19 Apr 2016 17:00:14 -0400
Received: from terminus.zytor.com ([198.137.202.10]:44572 "EHLO mail.zytor.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1754482AbcDSVAM (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Tue, 19 Apr 2016 17:00:12 -0400
Subject: Re: Does anyone care about a race free ptsname?
To: "Eric W. Biederman" <ebiederm@xmission.com>
References: <878u0s3orx.fsf_-_@x220.int.ebiederm.org>
 <83FE8CD2-C0A2-4ADB-AEBD-8DD89AD4F88A@zytor.com>
 <87bn5ij0x1.fsf@x220.int.ebiederm.org>
 <78205895-E11D-417F-91DC-4BCA0B61A122@zytor.com>
 <CA+55aFyB7y8TfQ=_EvMAFONS6oSPs=uY88f+S6n_QWh4MkKTHg@mail.gmail.com>
 <FC521A3F-4BEB-427E-AE8E-CA54C0128AA3@zytor.com>
 <CA+55aFw62q5bjNiK7Q9dEQQEDZs5fbUxNPxDq376OZJ6JKT=Rg@mail.gmail.com>
 <CALCETrUZ=QVZbTCr3gvhSd2-j_U4R02y5fCxbddG_HsQdnuBkw@mail.gmail.com>
 <CA+55aFzs00iDkYhvFCq=AZMVcNL0+oZT4SeimTeVurJq=5ZS3A@mail.gmail.com>
 <CALCETrUQ_Oad61dYvPpYFxDBT++jhZoAT3e4n4yiu22iTNcxNQ@mail.gmail.com>
 <CALCETrUJ_KuGJoVxuUjWGCNHBNs5Vk8E68MtsWoTdURJ+=iJnQ@mail.gmail.com>
 <CA+55aFzchGpOp0R0RjM6Bsk23GWp1t76fgFi8q6FZQndHq5EtA@mail.gmail.com>
 <570D4781.3070600@zytor.com> <877ffyzy1j.fsf_-_@x220.int.ebiederm.org>
 <alpine.LFD.2.20.1604161105040.30857@i7>
 <87inzdmo9z.fsf_-_@x220.int.ebiederm.org>
 <B0092104-8559-42D5-BE05-9A2EA3BC9A59@zytor.com>
 <877fftiblc.fsf@x220.int.ebiederm.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
        Andy Lutomirski <luto@amacapital.net>, security@debian.org,
        "security@kernel.org" <security@kernel.org>,
        Al Viro <viro@zeniv.linux.org.uk>,
        "security@ubuntu.com >> security" <security@ubuntu.com>,
        Peter Hurley <peter@hurleysoftware.com>,
        Serge Hallyn <serge.hallyn@ubuntu.com>, Willy Tarreau <w@1wt.eu>,
        Aurelien Jarno <aurelien@aurel32.net>,
        One Thousand Gnomes <gnomes@lxorguk.ukuu.org.uk>,
        Jann Horn <jann@thejh.net>, Greg KH <greg@kroah.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Jiri Slaby <jslaby@suse.com>, Florian Weimer <fw@deneb.enyo.de>
From: "H. Peter Anvin" <hpa@zytor.com>
Message-ID: <57169B2D.6030606@zytor.com>
Date: Tue, 19 Apr 2016 13:55:09 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.7.1
MIME-Version: 1.0
In-Reply-To: <877fftiblc.fsf@x220.int.ebiederm.org>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 837
Lines: 20

On 04/19/2016 01:32 PM, Eric W. Biederman wrote:
> 
> The challenge came in operations such as granpt.  Where you are passed
> in a ptmx file descriptor from who knows where, and you pass it on
> to applications such as pt_chown which run with elevatated privileged.
> 
> As the information is available of where devpts is mounted in
> relationship to /dev/ptmx I have no more concerns about implementing
> ptsname.  Path pased is also sufficiently backwards compatible it would
> not usually be wrong even on existing kernels.
> 

pt_chown is evil.  It should have been removed ages ago, and from the
very beginning have failed if run on a devpts filesystem.  Unfortunately
the glibc people didn't do so, and that is a major reason we're in the
current mess.

That being said, the ioctl(TIOCOPENSLAVE) idea would deal with that.

	-hpa