On Mon, Apr 11, 2016 at 4:37 PM, Eric W. Biederman <ebied...@xmission.com> wrote: > > My practical concern if we worked through the implementation details > would be how would it interact with people who bind mount /dev/pts/ptmx > on top of /dev/ptmx. We might get some strange new errors.
Yes, please don't let's play "clever" games. The semantics should be fairly straightforward. I still don't understand why people think that you shouldn't be able to access a 'pts' subsystem that is accessible to others. If you can bind-mount the pts directory somewhere, then you can damn well already see that pts mount, claiming that somehow it should be sacred ground and you shouldn't be able to access it with a ptmx node outside of it is just insane. So people have been bringing that up as an issue, but nobody has ever actually been able to articulate why anybody should ever care. Now people are just making up random odd semantics. Nobody has ever explained why the _simple_ "ptmx binds to the pts directory next to it" is actually problem. Even for a bind mount, you have to be able to open the point you're mounting, so we know that the "attacker" already had access to the pts subdirectory. If somebody wants to keep the pts mount private, they should damn well keep it _private_. I don't understand peoples "oh, you can access it but you can't access it".excuses. Linus