This is the mail archive of the
mailing list for the glibc project.
[Bug libc/19347] New: grantpt: try to force a specific gid even without pt_chown
- From: "aurelien at aurel32 dot net" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sourceware dot org
- Date: Tue, 08 Dec 2015 23:26:35 +0000
- Subject: [Bug libc/19347] New: grantpt: try to force a specific gid even without pt_chown
- Auto-submitted: auto-generated
Bug ID: 19347
Summary: grantpt: try to force a specific gid even without
Assignee: unassigned at sourceware dot org
Reporter: aurelien at aurel32 dot net
CC: drepper.fsp at gmail dot com
Target Milestone: ---
POSIX specifies that the grantpt() function should change the pty node to
permission mode 0620 and to a specific group, which is tty or 5 on Linux. For
that the glibc implementation try to down a chown with the correct group, but
when it is not correct it is very unlikely to be able to succeed for non-root
user. When the chown fails, the whole grantpt() function fails.
This happens for example with a misconfigured (wrt POSIX) /dev/pts filesystem
where the mount option gid=5 is not present. Unfortunately due to the strange
kernel behavior wrt multiple devpts mount, this can happen more than expected.
It can also be an admin choice to default to 0600 to not allow the tty group a
write access (default to mesg n).
When the GNU libc is built without pt_chown, the creation of the pty node, the
group and the permission mode are delegated to the kernel. The libc should just
trust that and therefore not try to change things, beyond the minimal security.
This would allow the grantpt() to work for almost every devpts configuration,
basically as long as the uid of the pty node matches the one requesting it.
A first patch is available there
You are receiving this mail because:
You are on the CC list for the bug.