Xref: utzoo comp.emacs:6725 comp.bugs.4bsd:1375
Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!cornell!uw-beaver!uw-entropy!quick!srg
From: srg@quick.COM (Spencer Garrett)
Newsgroups: comp.emacs,comp.bugs.4bsd
Subject: Re: Interactive shells in emacs:  a security problem?
Message-ID: <4588@quick.COM>
Date: 23 Aug 89 19:18:44 GMT
References: <6973@sdcsvax.UCSD.Edu>
Distribution: na
Organization: Quicksilver Engineering, Seattle
Lines: 9
Keywords: emacs, ptys, security

In article <6973@sdcsvax.UCSD.Edu>, mattson@beowulf.ucsd.edu (Jim Mattson) writes:
-> It seems that this is an inherent problem in the way 4BSD programs use ptys.
-> If the program does not run setuid root, it cannot guarantee the security
-> of the pty connection.  Maybe there should be an ioctl that allows a
-> regular user to make himself/herself the owner of an open pty connection.
-> That seems really awful, though.  Are there other solutions?

Sure.  Just set TIOCEXCL on the master side when you open it, and refuse
to spin off a shell until that call succeeds.