On Sun, Jun 04, 2017 at 12:15:15AM +1000, Aleksa Sarai wrote: > When opening the slave end of a PTY, it is not possible for userspace to > safely ensure that /dev/pts/$num is actually a slave (in cases where the > mount namespace in which devpts was mounted is controlled by an > untrusted process). In addition, there are several unresolvable > race conditions if userspace were to attempt to detect attacks through > stat(2) and other similar methods [in addition it is not clear how > userspace could detect attacks involving FUSE]. > > Resolve this by providing an interface for userpace to safely open the > "peer" end of a PTY file descriptor by using the dentry cached by > devpts. Since it is not possible to have an open master PTY without > having its slave exposed in /dev/pts this interface is safe. This > interface currently does not provide a way to get the master pty (since > it is not clear whether such an interface is safe or even useful). > > Cc: Christian Brauner <christian.brauner@xxxxxxxxxx> > Cc: Valentin Rothberg <vrothberg@xxxxxxxx> > Signed-off-by: Aleksa Sarai <asarai@xxxxxxx> Is this going to be documented anywhere? Is there a man page update that also goes along with this? What userspace program wants to use this? I'm not objecting to this, I just want to know that people will use this, and that they can find out information about it if they want to. thanks, greg k-h