Page MenuHomeFreeBSD

kern: tty: refactor TIOCSTI privilege checks slightly
ClosedPublic

Authored by kevans on May 24 2025, 12:36 AM.
Tags
None
Referenced Files
F132464019: D50506.id156138.diff
Fri, Oct 17, 3:51 AM
Unknown Object (File)
Thu, Oct 9, 8:01 PM
Unknown Object (File)
Thu, Oct 9, 1:23 PM
Unknown Object (File)
Wed, Oct 8, 6:59 AM
Unknown Object (File)
Fri, Oct 3, 10:34 AM
Unknown Object (File)
Fri, Sep 19, 1:08 PM
Unknown Object (File)
Sep 6 2025, 3:54 AM
Unknown Object (File)
Sep 5 2025, 3:36 PM

Details

Summary

This removes some repetition from it and makes the flow a little more
obvious. Future work may find some way to add more constraints to the
unprivileged path, add a security sysctl to disable it, or perhaps
some combination of the two.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj added inline comments.
sys/kern/tty.c
1653

Or just if (priv_check(td, PRIV_TTY_STI) == 0) return (0);.

This revision is now accepted and ready to land.May 24 2025, 1:26 AM
kib added inline comments.
sys/kern/tty.c
1656

This is counter-intuitive BTW.

sys/kern/tty.c
1656

I agree, but I haven't yet spent any time tracking down the current requirements -- I would've expected to need FWRITE instead to alter the tty buffer.