On Tue, Apr 28, 1998 at 05:12:22PM +0100, Mark Baker wrote: > On Tue, Apr 28, 1998 at 05:57:55PM +0200, A Mennucc wrote: > > > > Vulnerabilities exist in the terminal emulator xterm(1), and the Xaw > > > library distributed in various MIT X Consortium; X Consortium, Inc.; > > > and The Open Group X Project Team releases. These vulnerabilities may > > > be exploited by an intruder to gain root access. > > > > the only solutions seems to > > > > chmod 0755 `which xterm` > > Or to apply a patch that TOG sent to their members, but didn't think to do > anything useful like include it in the alert itself. It's probably not free > anyway :( > > Since a program as complicated as xterm is always likely to contain security > problems, we probably should leave it un-suid anyway, even once we have > patched it to fix the bugs mentioned. Well, the reason xterm is setuid is because it needs privileged access to the utmp file. However, this is presently a problem under some circumstances (see bug #20685). XFree86 3.3.2-4 is shipping with an /etc/X11/XResources that sets XTerm*utmpInhibit to true. Is it the consensus of the project that xterm should have its setuid removed until this bug (#20685) is fixed? Let me know quickly (especially if any of you know any additional reason xterm is setuid). If I turn it off then I will want to do so for -5, which I'd like to release within the next 24 hours. -- G. Branden Robinson | Human beings rarely imagine a god that Purdue University | behaves any better than a spoiled child. branden@purdue.edu | -- Robert Heinlein http://www.ecn.purdue.edu/~branden/ |
Attachment:
pgpw4sxFk6kuJ.pgp
Description: PGP signature