[PATCH 11/11][v3]: Enable multiple instances of devpts

H. Peter Anvin hpa at zytor.com
Fri Sep 5 10:24:18 PDT 2008


Alan Cox wrote:
>> Does presence of /dev/pts/ptmx in single-instance case break userspace ?
> 
> It changes the permssion rules and subverts any permissions and security
> labels applied to the current node.
> 
> If it was there and defaulted to no permission I doubt anything would
> care - ie presence is not the problem, rights management is.

It would be easy enough to have it default to mode 000 unless otherwise 
specified.  For the default instance it is important that a remount can 
update the permissions (since the original mount will be the kernel 
version), but that's pretty straightforward.

That might be the best option?

	-hpa


More information about the Containers mailing list