diff options
| author | mbr <mbr@FreeBSD.org> | 2006-10-04 05:43:39 +0000 |
|---|---|---|
| committer | mbr <mbr@FreeBSD.org> | 2006-10-04 05:43:39 +0000 |
| commit | 7d21b9894a526fdced445755f54fc819438a524e (patch) | |
| tree | 506cf575992c7e6519d015922755629355dd025b /sys | |
| parent | 91ef326cd2c02accfd8a12525177913544510af5 (diff) | |
| download | FreeBSD-src-7d21b9894a526fdced445755f54fc819438a524e.zip FreeBSD-src-7d21b9894a526fdced445755f54fc819438a524e.tar.gz | |
Back out part of rev. 1.149. While adding a workaround in ptcopen() to
avoid leaked ptys works fine, this opens a possible security hole.
Submitted by: bde
MFC after: 3 days
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/tty_pty.c | 11 |
1 files changed, 2 insertions, 9 deletions
diff --git a/sys/kern/tty_pty.c b/sys/kern/tty_pty.c index 2f1b2eb..a973f6a 100644 --- a/sys/kern/tty_pty.c +++ b/sys/kern/tty_pty.c @@ -335,15 +335,8 @@ ptcopen(struct cdev *dev, int flag, int devtype, struct thread *td) } tp = dev->si_tty; - if (tp->t_oproc) { - /* - * Only return if we have a non empty - * state to avoid leakage. Workaround for - * vfs bugs and complications near revoke(). - */ - if (tp->t_state != 0x0 || tp->t_refcnt > 1) - return (EIO); - } + if (tp->t_oproc) + return (EIO); tp->t_timeout = -1; tp->t_oproc = ptsstart; tp->t_stop = ptsstop; |
