Summary: | xterm suid | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Max Loparev <laplandersan> |
Component: | Current packages | Assignee: | Gentoo X packagers <x11> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | dickey |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Max Loparev
2004-10-30 08:50:31 UTC
suid would be used for pre-Unix98 ptys. sgid is as noted, needed for utmp (unless some intermediary as utempter was used). donnie@supernova ~ $ ls -l `which xterm` -rwxr-xr-x 1 root root 277808 Oct 27 09:54 /usr/bin/xterm Which X version and implementation do you have installed? Also, if you have xterm as a separate package, which version? >Which X version and implementation do you have installed? Also, if you have xterm >as a separate package, which version?
i have the xterm-196 installed.
After digging a little deeper in the problem, I found that install script trying to copy permissions from already installed /usr/bin/xterm.
/bin/sh ./sinstall.sh "/bin/install -c" xterm /usr/bin/xterm /var/tmp/portage/xterm-196/image//usr/bin/`echo xterm| sed 's/$//'|sed 's,x,x,'|sed 's/$//'`
checking for presumed installation-mode
... if "/usr/bin/xterm" is null, try the ls -g option
... if "/usr/bin/xterm" is null, we do not look for group
... if we have date in proper columns (Ноя 8 15:37), "" is null
... derived user "root", group "utmp" of previously-installed xterm
... see if mode "-rwx--s--x" has s-bit set
... installing xterm as user "root", group "root"
/bin/install -c -m 2711 -g utmp xterm /var/tmp/portage/xterm-196/image//usr/bin/xterm
Now i can't say is this good or bad, but seems that some previous package of X has this permissons installed on xterm.
Btw, without suid bit set, I can't open /dev/console under 2.6.9 kernel, xterm -C reported:
xterm: cannot open console: Operation not permitted
and console is crw------- 1 max tty 5, 1 Ноя 8 16:00 /dev/console
do i need to open a new bug?
just found who is responsible for the last issue. it is tioccons-security.patch from Olaf Dabrunz <od at suse.de>, appeared in ac5 and mm patchsets I've added 196-r1 for this. Thanks for the report! |