Theodore Ts'o:
> This is a bug in emacs and in script; they both allocate pty's
> insecurely. I think this problem has been brought up before on
> various emacs lists, but remember RMS's MIT AI-lab heritage; he
> doesn't really care about security (he tells everyone his password
> is "rms" --- why should he worry about security?).
I think it's a bad idea to take a perfectly reasonable technical
discussion and turn it into a discussion of someone else's
personality. [Particularly when that person is not taking part of the
discussion.] That would be a good way to start people fighting, but
not a good way of resolving the technical issues.
This is a bug in emacs if the current behavior has some reasonable
use or is part of some standard. This is a bug in the kernel if
there's no reason for the current behavior.
If this is a bug in emacs, it should be reported as an emacs bug.
[Race condition between emacs and whatever this reasonable use is. Or
violation of whatever relevant standard.]
If this is a kernel bug, this is a reasonable topic for this list.
> Bottom line? For right now, we're following BSD. If we want to
> make changes to plug some security holes, let's plug *all* of the
> security holes, which will probably mean redesigning how all
> applications obtain their pseudo-ttys.
I emphatically agree with this.
I'd also like to recommend that if we continue to follow BSD that
someone excerpt Ted's comments on how to do this right as a pty
mini-howto, and send a copy to the maintainers of programs like emacs,
script and term.
Better yet, the helper program should get a decent name
(say, /usr/bin/allocpty) and be made a part of all standard linux
systems. [If it's the right answer, that is.]
-- Raul