From 89ff1e4cb88bd0bafbd8fd3706a413fce87afc04 Mon Sep 17 00:00:00 2001 From: Martin Blapp Date: Wed, 4 Oct 2006 05:43:39 +0000 Subject: [PATCH] Back out part of rev. 1.149. While adding a workaround in ptcopen() to avoid leaked ptys works fine, this opens a possible security hole. Submitted by: bde MFC after: 3 days --- sys/kern/tty_pty.c | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/sys/kern/tty_pty.c b/sys/kern/tty_pty.c index 2f1b2eb1708..a973f6a5111 100644 --- a/sys/kern/tty_pty.c +++ b/sys/kern/tty_pty.c @@ -335,15 +335,8 @@ ptcopen(struct cdev *dev, int flag, int devtype, struct thread *td) } tp = dev->si_tty; - if (tp->t_oproc) { - /* - * Only return if we have a non empty - * state to avoid leakage. Workaround for - * vfs bugs and complications near revoke(). - */ - if (tp->t_state != 0x0 || tp->t_refcnt > 1) - return (EIO); - } + if (tp->t_oproc) + return (EIO); tp->t_timeout = -1; tp->t_oproc = ptsstart; tp->t_stop = ptsstop;