From 843184b390bd28b9f7de614c77846ef8b1e321c9 Mon Sep 17 00:00:00 2001 From: deraadt Date: Thu, 22 Oct 2015 10:35:23 +0000 Subject: [PATCH] After some consideration, simply allow TIOCSCTTY in the "tty" pledge. Discussion with nicm. --- sys/kern/kern_pledge.c | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index a5c996e94af..ea9af2323da 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.62 2015/10/20 18:04:03 deraadt Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.63 2015/10/22 10:35:23 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -1022,11 +1022,6 @@ pledge_ioctl_check(struct proc *p, long com, void *v) fp->f_type == DTYPE_VNODE && (vp->v_flag & VISTTY)) return (0); break; - case TIOCSCTTY: /* tmux etc */ - if ((p->p_p->ps_pledge & PLEDGE_ID) && - fp->f_type == DTYPE_VNODE && (vp->v_flag & VISTTY)) - return (0); - break; case TIOCSPGRP: if ((p->p_p->ps_pledge & PLEDGE_PROC) == 0) break; @@ -1047,6 +1042,7 @@ pledge_ioctl_check(struct proc *p, long com, void *v) case TIOCSETAW: /* cu, ... */ case TIOCSETAF: /* tcsetattr TCSAFLUSH, script */ case TIOCFLUSH: /* getty */ + case TIOCSCTTY: /* forkpty(3), login_tty(3), ... */ if (fp->f_type == DTYPE_VNODE && (vp->v_flag & VISTTY)) return (0); break; -- 2.20.1