Controlling Terminal Proposal using relibc
For controlling terminal, we need the following functions in a (possibly in cterm:
scheme (possibly best in the kernel)ptyd
):
- Set~~/get~~ the controlling terminal for a session
Set/get the foreground process group for a terminal- This implies lookup by terminal path or session
- If this functionality is not in the kernel, details of processes, process groups and sessions (including uid) will need to be queried from the kernel to determine whether to allow the action
When a process is created, it will have a possibly empty controlling_terminal
property in libc that it cannot change directly.
- To open a tty, rather than opening
pty:5
, a process will openlibc:term/pty/5
- If the process has a controlling terminal or if O_NOCTTY is set, this will just forward to
pty:5
-
libc:tty
will also reference the controlling terminal property rather than$TTY
as it does now - If there is no controlling terminal and O_NOCTTY is not set, then it will trigger setting the controlling terminal as follows:
-
libc:
will get thepty:5
path and try to open it - if it succeeds,
libc:
will write the process's session id and thepty:5
path to thecterm:
scheme - the
cterm:
scheme will verify that the pty is not used by another process, it is owned by this user (fstat
?) and the session id is valid and belongs to this user - (according to Linux man pages, only the session leader can cause this behavior, other *nix imply it is triggered by any process in the group)
-
Since we are checking uid of sessions and processes as well as the caller, I think this will be safe.