[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <2023060816-quicken-around-d619@gregkh>
Date: Thu, 8 Jun 2023 13:51:19 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: Michal Sekletar <msekleta@...hat.com>
Cc: jirislaby@...nel.org, arozansk@...hat.com,
linux-kernel@...r.kernel.org, linux-kselftest@...r.kernel.org,
shuah@...nel.org
Subject: Re: [PATCH v2 1/2] tty: tty_io: update timestamps on all device nodes
On Thu, Jun 08, 2023 at 12:16:15PM +0200, Michal Sekletar wrote:
> User space applications watch for timestamp changes on character device
> files in order to determine idle time of a given terminal session. For
> example, "w" program uses this information to populate the IDLE column
> of its output [1]. Similarly, systemd-logind has optional feature where
> it uses atime of the tty character device to determine if there was
> activity on the terminal associated with the logind's session object. If
> there was no activity for a configured period of time then logind will
> terminate such session [2].
>
> Now, usually (e.g. bash running on the terminal) the use of the terminal
> will update timestamps (atime and mtime) on the corresponding terminal
> character device. However, if access to the terminal, e.g. /dev/pts/0,
> is performed through magic character device /dev/tty then such access
> obviously changes the state of the terminal, however timestamps on the
> device that correspond to the terminal (/dev/pts/0) are not updated.
>
> This patch makes sure that we update timestamps on *all* character
> devices that correspond to the given tty, because outside observers (w,
> systemd-logind) are maybe checking these timestamps. Obviously, they can
> not check timestamps on /dev/tty as that has per-process meaning.
So how are you protecting this from being an information leak like we
have had in the past where you could monitor how many characters were
being sent to the tty through a proc file? Seems like now you can just
monitor any tty node in the system and get the same information, while
today you can only do it for the tty devices you have permissions for,
right?
thanks,
greg k-h
Powered by blists - more mailing lists