[380] in linux-security and linux-alert archive
Re: Problem with /dev/ttyp*
daemon@ATHENA.MIT.EDU (Malcolm Beattie)
Thu Sep 21 10:53:02 1995
From: Malcolm Beattie <mbeattie@sable.ox.ac.uk>
To: tytso@MIT.EDU (Theodore Ts'o)
Date: Thu, 21 Sep 1995 10:52:49 +0000 (BST)
Cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <9509202022.AA23699@dcl.MIT.EDU> from "Theodore Ts'o" at Sep 20, 95 04:22:15 pm
[mod: quoting trimmed --okir]
Theodore Ts'o writes:
> One of the problems here is that vhangup() isn't completely portable, so
> what's secure on one operating system isn't necessarily secure on
> another system. BSD 4.4 doesn't have vhangup() at all; I'm not sure how
> they handle this particular problem.
Surely if it's done the POSIX way then you don't need vhangup? The login
process should become a session leader with setsid() and then acquire a
pseudo-terminal as controlling terminal (see POSIX 7.1.1.3). Once it's
done that, processes in any other session that try to read from/write to
that terminal should get EOF on reads and EIO on writes (7.1.1.10).
--Malcolm
--
Malcolm Beattie <mbeattie@sable.ox.ac.uk>
Unix Systems Programmer
Oxford University Computing Services
