Bug#859003: systemd-container: strange permissions on /dev/pts/ptmx

Felipe Sateler fsateler at debian.org
Wed Mar 29 15:00:33 BST 2017


On Wed, Mar 29, 2017 at 10:07 AM, Russell Coker <russell at coker.com.au> wrote:
> Package: systemd-container
> Version: 232-22
> Severity: normal
>
> # grep pts /proc/mounts
> devpts /dev/pts devpts rw,seclabel,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
> # ls -l /dev/pts/ptmx
> c---------. 1 root root 5, 2 Mar 20 21:51 /dev/pts/ptmx
>
> The above is from a regular Debian/unstable shell.
>
> # grep pts /proc/mounts
> devpts /dev/pts devpts rw,seclabel,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666 0 0
> # ls -l /dev/pts/ptmx
> crw-rw-rw-. 1 root root 5, 2 Mar 30  2017 /dev/pts/ptmx
>
> The above is from a shell run from a chroot managed by systemd-nspawn.  I have
> systemd-nspawn starting the below shell script that runs sshd, so nothing in
> the chroot environment has any effect on mount options.
>
> Why does the virtual environment created by systemd-nspawn have different
> permissions for /dev/pts/ptmx than the outside environment?  I am not claiming
> that what systemd-nspawn is doing is inherently wrong (it might be the correct
> thing for other distributions), but I believe that it should be consistent with
> the main Debian environment.  It is plausible that systemd-nspawn is correct
> here and the rest of Debian is wrong, if so please reassign the bug
> appropriately.  But as a security person I'm leaning towards minimum privileges
> being the correct choice, which means mode 0 would be correct and mode 666
> (as used by systemd-nspawn) would be a bug.

>From the kernel documentation:

> As an option instead of placing a /dev/ptmx device node at /dev/ptmx
> it is possible to place a symlink to /dev/pts/ptmx at /dev/ptmx or
> to bind mount /dev/ptx/ptmx to /dev/ptmx.  If you opt for using
> the devpts filesystem in this manner devpts should be mounted with
> the ptmxmode=0666, or chmod 0666 /dev/pts/ptmx should be called.

And indeed nspawn sets up /dev/ptmx as a symlink, while debian host
does not do that. In the host, /dev/ptmx has 0666 permissions.

[1] https://www.kernel.org/doc/Documentation/filesystems/devpts.txt


-- 

Saludos,
Felipe Sateler




More information about the Pkg-systemd-maintainers mailing list