Method and apparatus for creating secure pseudo-terminal links
First Claim
1. In a computer system having an operating system, a method executed within a kernel of said operating system for establishing a secure pseudo-terminal link between a pseudo-terminal master file and an associated pseudo-terminal slave file, said method comprising the steps of:
- receiving, from a first application program, a first request to open said pseudo-terminal master file;
- granting said first request if said pseudo-terminal master file and said pseudo-terminal slave file are presently closed, otherwise denying said first request;
- opening said pseudo-terminal master file whenever said first request is granted;
- receiving, from a second application program, a second request to open said pseudo-terminal slave file;
- granting said second request if said pseudo-terminal master file is presently open and a first user identification associated with said first application program which opened said pseudo-terminal master file is identical to a second user identification associated with said second application program presently requesting to open said pseudo-terminal slave file, otherwise denying said second request;
- changing, whenever said second request is granted, an access permission code and ownership of said associated pseudo-terminal slave file;
- opening, after said access permission code and ownership are changed, said associated pseudo-terminal slave file;
- such that said pseudo-terminal master file and said pseudo-terminal slave file are connected by a secure pseudo-terminal link.
Abstract
A method and apparatus, operating within a kernel of a UNIX-based host computer, that ensures that no unauthorized users or processes have accessed a pseudo-terminal (pty) slave file within a pty device driver prior to an authorized process accessing the pty slave file. Specifically, upon receiving, from an application program, a request to open a pty master file to form a pty device driver, the request is granted by the kernel only if the pty master file and pty slave file are presently closed. Similarly, a request to open a pty slave file to form a pty device driver is granted by the kernel only if the pty master file is open and a user identification of an application attempting to open the slave file is identical to a user identification of the application program which opened the master file. In this manner, a pseudo-terminal link between the pty master file and the pty slave file is secure from unauthorized processes being surreptitiously connected to the pty slave. Additionally, the owner and access permission codes of the open pty slave file are changed thereby further restricting access thereto.
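The open policy described in the abstract, modelled in user space as an added example (not code from the patent). The struct, the function names, the new owner and the 0600 mode are assumptions, since the page does not state what the ownership and permission code are changed to.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* User-space model of one pty pair. All names are hypothetical. */
struct pty_pair {
    bool   master_open, slave_open;
    uid_t  master_uid;   /* uid of the process that opened the master */
    uid_t  slave_owner;  /* owner of the slave file */
    mode_t slave_mode;   /* access permission bits of the slave file */
};

enum { PTY_OK = 0, PTY_DENIED = -1 };

/* Master open: granted only if master AND slave are presently closed,
 * so a process still holding a stale slave blocks reuse of the pair. */
int pty_open_master(struct pty_pair *p, uid_t caller)
{
    if (p->master_open || p->slave_open)
        return PTY_DENIED;
    p->master_open = true;
    p->master_uid = caller;
    return PTY_OK;
}

/* Slave open: master must be open and the caller's uid must equal the
 * uid that opened the master. Owner and mode change before the open. */
int pty_open_slave(struct pty_pair *p, uid_t caller)
{
    if (!p->master_open || caller != p->master_uid)
        return PTY_DENIED;
    p->slave_owner = caller;  /* assumption: owner becomes the caller */
    p->slave_mode = 0600;     /* assumption: owner-only access */
    p->slave_open = true;
    return PTY_OK;
}

int main(void)
{
    struct pty_pair p = { false, false, 0, 0, 0666 };  /* constructed state */
    printf("slave before master: %d\n", pty_open_slave(&p, 1000));
    printf("master uid 1000:     %d\n", pty_open_master(&p, 1000));
    printf("slave uid 1001:      %d\n", pty_open_slave(&p, 1001));
    printf("slave uid 1000:      %d\n", pty_open_slave(&p, 1000));
    printf("slave mode now:      %o\n", (unsigned)p.slave_mode);
    return 0;
}
```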
21 Claims
12. In a computer system having an operating system, apparatus within a kernel of said operating system for establishing a secure pseudo-terminal link between a pseudo-terminal master device driver and an associated pseudo-terminal slave device driver, said apparatus comprising:
- means for receiving, from a first application program, a first request to open said pseudo-terminal master device driver;
- means for granting said first request if said pseudo-terminal master device driver and said pseudo-terminal slave device driver be presently closed, otherwise denying said first request;
- means for opening said pseudo-terminal master device driver whenever said first request is granted;
- means for receiving, from a second application program, a second request to open said pseudo-terminal slave device driver;
- means for granting said second request if said pseudo-terminal master device driver be presently open and a first user identification associated with said first application program which opened said pseudo-terminal master device driver be identical to a second user identification associated with said second application program presently requesting to open said pseudo-terminal slave device driver, otherwise denying said second request;
- means for changing, whenever said second request is granted, an access permission code and ownership of said pseudo-terminal slave device driver;
- means for opening, after said access permission code and ownership are changed, said pseudo-terminal slave device driver such that said pseudo-terminal master device driver and said pseudo-terminal slave device driver are connected by a secure pseudo-terminal link.
Specification