On Wed, Jan 25, 2017 at 12:33:36AM -0700, Theo de Raadt wrote:
> > 2. vmd calls openpty() in the pledged parent whenever a new VM is
> > started - effectively doing ioctls on post-pledge fds.  I will
> > probably solve this by opening the pty in the non-pledged "priv"
> > process, and do some additional passing, but then I'll also have to
> > give up its chroot to access /dev/.
> > 
> > vmd: ioctl 40287401 post-pledge fd 12
> > vmd(51681): syscall 54 "tty"
> 
> How about opening PATH_PTMDEV early and keeping it open in a
> properly protected process; then create pty pairs as required.

Oh, yes, I should have looked at openpty() in libutil first :)
That makes sense, I will try it.

Reyk