[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: suid xterm

Guy Maor <maor@ece.utexas.edu> writes:

> Herbert Xu <herbert@gondor.apana.org.au> writes:
> > In article <19980329231357.62680@beijing.itri.loyola.edu> you wrote:
> > > Quick question: has there been a discussion of whether a setuid xterm is
> > > a good idea? Is utmp logging worth the perennial xterm security holes?
> > 
> > Yes unless you're willing to let other people see what you type and what is
> > displayed on your screen (oops, there goes my credit card number...)
> Right.  Programs like xterm and rxvt are suid so they can chown your
> pseudo tty, not so they can write to utmp.

Yes.  But the current xterm (from xbase-3.2.2-2) fails to handle utmp
correctly anyway.  It is setuid root, but drops root privs after
writing a utmp entry and doing the pty allocation.  This means it
can't mark the utmp entry it created as DEAD_PROCESS, so leaving crud
in the utmp file.  It also fails to write wtmp entries - but then the
version in Debian-1.3.1 didn't either.  The xterm in xbase-3.2-6
correctly handles utmp because it doesn't drop its privs.

I've filed a bug report against xbase with the full details.


To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: