Re: a good solution to the libXt problem (really)
Kevin Dalley:
> Some operating systems require programs to be setuid root in order to
> manipulate pseudoterminals. This is as much of a hack as setuid for
> utmp or load calculations. Fortunately, Linux does not require setuid
> programs for pseudoterminals. To verify this, I run non-setuid xterms
> as root and then as kevin, which has no special permissions on my
> machine. I was able to use the same pseudoterminal as first root and
> then kevin without any difficulty. The permissions of the
> pseudoterminal changes, but root permission is not needed. The
> pseudoterminals remain owned by root. When xterm is run as setuid,
> the ownership of the pseudoterminal changes.
Do you feel it isn't a security problem if any other user on the
system can read the keystrokes of xterm users ?
This is the effect of having the pty slave be world-readable.
It is true that the situation that root privilege is required to
safely manipulate pty's is not acceptable. Hence my bug report
against script.
Unfortunately the right solution to this problem (and to the related
problem of utmp) is a significant amount of design and coding.
In the meantime we will have to live with at least xterm being setuid
root.
Ian.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
>From miss
Received: from mongo.pixar.com (138.72.50.60)
by master.debian.org with SMTP; 29 Nov 1996 18:16:13 -0000
Received: (qmail 28503 invoked from network); 29 Nov 1996 18:00:58 -0000
Received: from primer.i-connect.net (HELO master.debian.org) (bruce@206.139.73.13)
by mongo.pixar.com with SMTP; 29 Nov 1996 18:00:50 -0000
Date: Fri, 29 Nov 1996 15:08:45 +0300 (GMT-3)
From: Pablo Bianucci LU 193/96 <pablob@CE.FCEN.uba.ar>
To: debian-devel@lists.debian.org
Subject: ifmail Debian package
Message-ID: <Pine.LNX.3.91.961129145915.18091A-100000@chalten.ce.fcen.uba.ar>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Resent-Message-ID: <"th8if.0.NS2.YXodo"@master.debian.org>
Resent-From: debian-devel@lists.debian.org
Resent-Reply-To: debian-devel@lists.debian.org
X-Mailing-List: <debian-devel@lists.debian.org> archive/latest/497
X-Loop: debian-devel@lists.debian.org
Precedence: list
Priority: non-urgent
Importance: low
Resent-Sender: debian-devel-request@lists.debian.org
Hi!
I've made an attempt to make a debian package with ifmail 2.8g (using
debmake) , and got some results. (i.e., it installed on my system and
ifcico could make and outbound call).
However, I think it's quite far away from being ready, as it's missing
some things (like some man pages). Besides, it's my first Debian package,
so it can't be perfect! ;-)
I'm not currently using it on a regular basis, so there are many, many
rough edges that should be polished. A little list from the top of my head:
* Mail [in/out]bound directories. (var/spool/fido?)
* Should a new user be created for it?
* Automatic configuration for FidoNet stuff is not trivial!
* Dependencies: I've made it depend on mail-transport-agent and suggest
mgetty, but that could be better (and mgetty or whatever
getty should be compiled with Fido support).
* And lots of other things I don't remember.
There are so many things to play with that I'd appreciate a little
feedback from people who are using it more regularly than me.
You can get it through anonymous FTP on chalten.ce.fcen.uba.ar, under
/pub/Linux/misc.
Bye & Good Luck!
Pablo B.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: