svn commit: r184300 - in stable/7/lib: libc/stdlib libutil
John Baldwin
jhb at freebsd.org
Mon Oct 27 20:43:31 UTC 2008
On Monday 27 October 2008 03:40:08 pm Ed Schouten wrote:
> * John Baldwin <jhb at freebsd.org> wrote:
> > I would perhaps add a note that the duplicate revoke() in openpty() is only to
> > support legacy libc's with broken unlockpt() routines. We could maybe remove
> > the revoke()/ptsname() from openpty() on 8.x though as all 8.x machines
> > should have a working unlockpt().
>
> Good point, but I'd rather leave revoke() there for at least a couple of
> months. If people just download the openpty() source from -CURRENT
> through cvsweb and use it as an example for their own application, they
> could create a potential security issue when they run the application on
> RELENG_*.
>
> Shall we leave the revoke() call there for now, but remove it before we
> ship 8.0-RELEASE?

I would go ahead and axe it from 8 now since the safety net bits are in 6.x
and 7.x already. I honestly wouldn't expect people to use openpty()'s
implementation as the reference way to use posix_openpt() and friends.
Rather, I imagine they would derive that from manpages online or other
sources.
--
John Baldwin