I have part of idea of another workaround for pty (but not for tty).
Open console:
$ ls -l --full-time --time=ctime `tty`
crw------- 1 darkk tty 136, 2 2009-11-14 15:41:39.260720360 +0600 /dev/pts/2
Close console, open console again:
$ ls -l --full-time --time=ctime `tty`
crw------- 1 darkk tty 136, 2 2009-11-14 15:43:31.320713474 +0600 /dev/pts/2
So ticket may include ctime of pty.
On the other hand, malicious attacker can change ctime of the /dev/pts/2 and he may get correct ctime watching /dev/pts (he can't get ctime from ticket data). I don't know if it may be avoided using something like POSIX ACL's and I assume that POSIX ACL's are not supported by ptsfs. Maybe someone has better idea.
I have part of idea of another workaround for pty (but not for tty).
Open console:
$ ls -l --full-time --time=ctime `tty`
crw------- 1 darkk tty 136, 2 2009-11-14 15:41:39.260720360 +0600 /dev/pts/2
Close console, open console again:
$ ls -l --full-time --time=ctime `tty`
crw------- 1 darkk tty 136, 2 2009-11-14 15:43:31.320713474 +0600 /dev/pts/2
So ticket may include ctime of pty.
On the other hand, malicious attacker can change ctime of the /dev/pts/2 and he may get correct ctime watching /dev/pts (he can't get ctime from ticket data). I don't know if it may be avoided using something like POSIX ACL's and I assume that POSIX ACL's are not supported by ptsfs. Maybe someone has better idea.