userdomain: strengthen user terminals access

[cgzones]

prohibit open by using inherited perms, introduced by Russell Coker

[pebenito]

I think there needs to be new interfaces for the inherited access, as there may be legitimate users of an interface that has open too.

[cgzones]

For 100% backward compatibility: yes a new interface would be needed.
But properly most of the callers do not need the open permission, and converting and testing all of them would be tedious.
One exception I found is screen/tmux (screen_domain).

[pebenito]

It should be easy to fix the usage. Use sed :)

[cgzones]

But when simply replacing the calls, what's the difference by keeping the name and introducing a new interface userdom_open_user_terminals for respective domains?

[pebenito]

Nonetheless the compatibility needs to be preserved.

[cgzones]

is the new approach better?

[pebenito]

I think the interface changes are fine, though I think the TODOs aren't necessary.

[pebenito]

Please drop the TODOs and I'll merge.

[cgzones]

rebased, btw. can you document the usage of analysis annotation like <infoflow type="both" weight="10"/> or <rolecap/>