mikey@decwrl.dec.com (Mike Yang) (04/07/90)
In article <272@roo.UUCP> janssen@parc.xerox.com (Bill Janssen) writes: >In article <1990Apr5.005054.6999@melba.bby.oz.au>, gnb@bby (Gregory N. Bond) writes: >>Xterm got installed setuid, owned by me. >> >>Why is it setuid? > >I'd be interested in knowing, too. Xterm adds an entry to /etc/utmp so that if you do "finger" or "w" it shows up. Since this file is usually not world-writable, xterm is installed setuid root. ----------------------------------------------------------------------------- Mike Yang Western Software Laboratory Digital Equipment Corporation mikey@wsl.dec.com decwrl!mikey 415/853-6677
mouse@LARRY.MCRCIM.MCGILL.EDU (der Mouse) (04/07/90)
> I am running Mit X11R4 on a sun 3/80, SunOs 4.0.3. > I did the make and install as me, not as root. > Xterm got installed setuid, owned by me. > Why is it setuid? So it can write the utmp entry, if nothing else - it expects to be setuid root. > Should it be setuid root? Yes. > Is this a security hole? Probably not. I can't be certain; (a) I don't know xterm and (b) nothing the size of xterm is ever bug-free. > Can I just run it non-setuid? Certainly. But you won't get utmp entries for your windows unless you make utmp world-writable (or at least you-writable), which opens up another security hole. (Of course, depending on your environment, this may not matter.) der Mouse old: mcgill-vision!mouse new: mouse@larry.mcrcim.mcgill.edu
timr@labtam.oz (Tim Roper) (04/07/90)
In article <5068@crltrx.crl.dec.com>, jg@crltrx.crl.dec.com (Jim Gettys) writes: > ... > It is setuid since there is no other way to guarantee that > xterm can use the pseudo-tty it needs; it might have been > left in an unusable state (i.e. owner and protection set wrong) > by a previous program. > ... When using the ptm/pts/ptem flavour of pseudo-terminals as implemented by System V Release 3.2 (and later) and supported by the X.V11R4 xterm, xterm does not need to be set uid root for the above reason as a separate set uid root program is run to take care of these things. If you want /etc/utmp to be updated and don't want to make it world writable you still need to have xterm set uid root. There is probably an argument for making it set gid sys (say) and making /etc/utmp group sys, group writable. -Tim.