[20528] in bugtraq
Re: Announcing ptyfix
daemon@ATHENA.MIT.EDU (Florian Weimer)
Wed May 2 11:44:56 2001
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <tgoftcgmyk.fsf@mercury.rus.uni-stuttgart.de>
Date: Wed, 2 May 2001 10:43:47 +0200
Reply-To: Florian Weimer <Florian.Weimer@RUS.UNI-STUTTGART.DE>
From: Florian Weimer <Florian.Weimer@RUS.UNI-STUTTGART.DE>
X-To: Paul Szabo <psz@MATHS.USYD.EDU.AU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <200104302058.f3UKwqb63834@milan.maths.usyd.edu.au> (Paul Szabo's
message of "Tue, 1 May 2001 06:58:52 +1000")
Paul Szabo <psz@MATHS.USYD.EDU.AU> writes:
> The privileged (setuid root) command ptyfix is used from within executables
> that use the openpty() call. An example is xterm: with this helper, xterm
> itself does not need to be setuid.
The correct fix is to implement SysV-style PTYs. I think they are
required by SuSv2 as well. Only some BSD systems do not provide this
kind of PTYs, almost all other flavors do.
> Currently ptyfix works only on Compaq Tru64 UNIX (DEC OSF/1) machines.
The helper application is not required, you should open /dev/ptmx or
/dev/ptmx_bsd and use grantpt() and unlockpt(). (The True64 5.1
manpage suggests that openpty() already uses SysV PTYs, but that's not
mentioned in earlier versions, such as DIGITAL UNIX 4.0D.)
--
Florian Weimer Florian.Weimer@RUS.Uni-Stuttgart.DE
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
