We don't need to ask to write the statefile using privsep, because the privileged parent process knows when the child has to write the statefile: it receives a SIGUSR1 from xapi. Hence we can remove all the "file descriptor through sockets" functions and keep only one privsep operation: the request to write to xenstore the path of the statefile.
We are still able to get core dumps and at the same time keep the chroot directory from being writable by vncterm, using the same strategy developed recently for qemu: before dropping privileges we create an empty core file in the directory writable by vncterm, then we limit the amount of data writable to files by the process using setrlimits, finally we drop privileges.
Hence implementing also 'toggle meta' mode and 'display control chars' mode.
To allow vncterm to write core dumps in the chroot directory we use the same strategy as qemu: when vncterm starts, it forks: the child chroot's and drops privileges, then executes the rest of the code. The parent keeps the privileges and waits for a message from the child or for a SIGCHLD. If the parents receives a "sigsegv" message, it chown's the chroot directory to allow the child to write the core dump. Before exiting the parent removes the chroot directory, if it is empty.
Saving all the important terminal properties to file so that can be restored when the VM is resumed.