[gps-users] gps(1)'s use of pseudo-ttys

[John Murdie]

Did anything come of the queries made about gps(1)'s use of pseudo-ttys
on this list back in December 2004? See the seven articles of the thread
"More on /dev/pty and Fedora Core 3" posted by Robert Love and Bobby D.
Bryant. gps appears to use the (/dev/ttyz0, /dev/ptyz0) pseudo-tty pair
to communicate with gdb. When these are found to be unreadable and
unwriteable, as is usual on Linux systems, gps writes the error message
"/dev/ptyz0: Permission denied." to gps's gdb window and the message
"return -1 from allocate_tty" to standard error. Both users above claim
that building gps with 'configure --without-ptys' makes no difference.
We use devfs here, as is now usual for Linux.

As far as I can see, the problem has not been resolved in
(free/academic?) production releases of gps - perhaps in gps 3.*? It
seems that use of gps(1) has only just started at my site, though we've
had it installed for a while. Perhaps the installation of gap 1.0.1
(with gps 2.0.1) and gap 1.1.0 (with gps 2.1.0) awakened interest here.

Our problem is that we don't want to make pseudo-ttys generally readable
and writeable; it'd be an invitation for local crackers (generally known
as 'students') to spy on and even interfere with other users. Is there
some good reason why gps doesn't just fork/exec and front-end gdb?

Is there a practical solution which won't compromise security?

If I've overlooked anything, my apologies.

John A. Murdie
Department of Computer Science
University of York
UK