I have part of idea of another workaround for pty (but not for tty). Open console: $ ls -l --full-time --time=ctime `tty` crw------- 1 darkk tty 136, 2 2009-11-14 15:41:39.260720360 +0600 /dev/pts/2
Close console, open console again: $ ls -l --full-time --time=ctime `tty` crw------- 1 darkk tty 136, 2 2009-11-14 15:43:31.320713474 +0600 /dev/pts/2 So ticket may include ctime of pty. On the other hand, malicious attacker can change ctime of the /dev/pts/2 and he may get correct ctime watching /dev/pts (he can't get ctime from ticket data). I don't know if it may be avoided using something like POSIX ACL's and I assume that POSIX ACL's are not supported by ptsfs. Maybe someone has better idea. -- sudo option "tty_tickets" gives false sense of security due to reused pts numbers https://bugs.launchpad.net/bugs/87023 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
