On April 11, 2016 1:12:22 PM PDT, Andy Lutomirski <l...@amacapital.net> wrote: >On Sat, Apr 9, 2016 at 6:27 PM, Linus Torvalds ><torva...@linux-foundation.org> wrote: >> >> On Apr 9, 2016 5:45 PM, "Andy Lutomirski" <l...@amacapital.net> >wrote: >>> >>> >>> What we *do* want to do, though, is to prevent the following: >> >> I don't see the point. Why do you bring up this insane scenario that >nobody >> can possibly care about? >> >> So you actually have any reason to believe somebody does that? >> >> I already asked about that earlier, and the silence was deafening. > >I have no idea, but I'm generally uncomfortable with magical things >that bypass normal security policy. > >That being said, here's an idea for fixing this, at least in the long >run. Add a new devpts mount option "no_ptmx_redirect" that turns off >this behavior for the super in question. That is, opening /dev/ptmx >if "pts/ptmx" points to something with no_ptmx_redirect set will fail. >Distros shipping new kernels could be encouraged to (finally!) make >/dev/ptmx a symlink and set this option. > >We just might be able to get away with spelling that option >"newinstance".
What about the idea of making the bind mount automatic? -- Sent from my Android device with K-9 Mail. Please excuse brevity and formatting.