Am 15.08.2013 14:06, schrieb Allan McRae:
Hi all,
The update to glibc-2.18 removes pt_chown which is a security risk. It is not needed on an Arch system given we have /dev/pts.
However, some people appear to have /dev/pts in their /etc/fstab file, which generates it with the wrong permissions. This will result in errors like "grantpt failed: Operation not permitted".
Thank you for this. Before, it was impossible to use glibc's openpty() in an environment where your root was mounted nosuid or with PR_SET_NO_NEW_PRIVS set to 1. The system call for the new pty would succeed, the permissions on the pts-device would be correct, too. Then glibc would call pt_chown to fix the permissions (which were already correct) which would fail due to insufficient permissions. On top of that, it would output an errno code that was not documented for openpty(). Took me hours to figure this out (and replace pt_chown with a symlink to /bin/true to fix it).