by Timothy J. L » Thu, 02 Jul 1998 04:00:00
On FreeBSD and Linux systems with XFree86, xterm is setuid root by
default. On Solaris 2.5.1 system, xterm is not setuid root. Why
would xterm need to be setuid root on some, but not other, OSes?
--
------------------------------------------------------------------------
Unsolicited bulk or commercial email is not welcome. netcom.com
No warranty of any kind is provided with this message.
by maciej h babinsk » Thu, 02 Jul 1998 04:00:00
xterm likes to be setuid so that it can create utmp entries for new users.Quote:> On FreeBSD and Linux systems with XFree86, xterm is setuid root by
> default. On Solaris 2.5.1 system, xterm is not setuid root. Why
> would xterm need to be setuid root on some, but not other, OSes?
by T.E.Dicke » Thu, 02 Jul 1998 04:00:00
:> On FreeBSD and Linux systems with XFree86, xterm is setuid root by
:> default. On Solaris 2.5.1 system, xterm is not setuid root. Why
:> would xterm need to be setuid root on some, but not other, OSes?
: xterm likes to be setuid so that it can create utmp entries for new users.
: I guess that Sol xterm doesn't do that.
right - Solaris has an intermediate application that does this. It's also
been suggested that xterm be run from a wrapper so it need not be installed
setuid, but I've only seen an alpha implementation of this (my own interests
are a little removed from the setuid behavior).
The XFree86 3.3.2 xterm supports ANSI color and VT220 emulation
There's an faq at
http://www.veryComputer.com/
ftp://ftp.clark.net/pub/dickey/xterm
--
Thomas E.*ey
http://www.veryComputer.com/
by Casper H.S. Dik - Network Security Engine » Thu, 02 Jul 1998 04:00:00
[[ PLEASE DON'T SEND ME EMAIL COPIES OF POSTINGS ]]
Traditionally, xterm is set-uid for two reasons:Quote:>On FreeBSD and Linux systems with XFree86, xterm is setuid root by
>default. On Solaris 2.5.1 system, xterm is not setuid root. Why
>would xterm need to be setuid root on some, but not other, OSes?
- adding entries to wtmp/utmp
- chowning the allocate dpty to the user.
In SunOS 4.x, Sun's xterm did neither (not suid either) which in itself
is a security problem.
In Solaris 2.x, xterm does both but it uses to small programs for it:
/usr/lib/pt_chmod - chowns ptys
/usr/lib/utmp_update - adds utmp/wtmp entries.
The use of these programs is transparent and done by libc.
Casper
--
Expressed in this posting are my opinions. They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.
by Chris Thomps » Sun, 05 Jul 1998 04:00:00
[...]
^^^^Quote:>In Solaris 2.x, xterm does both but it uses to small programs for it:
> /usr/lib/pt_chmod - chowns ptys
> /usr/lib/utmp_update - adds utmp/wtmp entries.
Chris Thompson
Email: cet1 [at] cam.ac.uk
1. problem with xterm not setuid root?
One solution of xterm logging vulnerabities suggest turning off
setuid, however on some systems this will make /dev/tty* used by xterm
world readable. Won't this be another security problem?
2. DIP not setting default route
3. xterm -e login root? Why not?
5. setuid executable, permission raised sometimes and not others
8. libjpeg
10. Why are mount/umount setuid root?
11. Q: Why is the Xserver setuid to ROOT
12. Why apache uses setuid to depress the root permission of a child process
13. Problems "Closing" an xterm but not others!