BSD tty security, part 3: How to Fix It

[Dan Bernstein]

I apologize to the rest of the net for Muller's attempts to drag this
thread into issues only relevant to the latest non-production release
from Berkeley. There are no technical points in this article, and I have
set followups appropriately. Hopefully the rest of us can continue to
discuss issues of some importance under this subject line.

In article <19105 at sdcc6.ucsd.edu> muller at sdcc10.ucsd.edu (Keith Muller) writes:
> For the sake of reducing net noise only one part of Dans message bears
> comment.....

``Net noise''? For someone who's claimed in public that no BSD release
has included u_ttyp when in fact they all have until Reno, you should
learn to be both more careful and more polite.

> > Obviously you don't understand what an I/O operation is. If someone is
> > performing a read operation or write operation on a tty, he has already
> > gotten past the access checks in the open file table, and terminating
> > permission there doesn't stop the operations in progress.
> Wrong. You failed to read my suggestion.

The context, which you deleted, was your quote of *current* kernel code,
and I responded likewise.

I have been reading your suggestions. I do not find them relevant to
this thread, because they do not fix tty problems on the vast majority
of BSD-derived systems. If you wish to continue talking about changes
that only have a positive effect under BSD 4.3-Reno, please start a new
thread with an accurate subject line. Or, if you want your changes to be
adopted, talk to Berkeley directly. As they are redoing the tty system
anyway I doubt they'll listen.

> For example here is a partial sample of the code. This will
> work with the unmodified 4.3 Tahoe vhangup().

Sorry, but after your comments about u_ttyp I have to assume that when
you say ``work'' you are referring to little more than proper syntax.

---Dan