Why xterm has suid bit set? Is it only for writing to utmp? I thought that utmp group exists exactly for such purposes. chown root:utmp & chmod u-s & chmod g+s
suid would be used for pre-Unix98 ptys. sgid is as noted, needed for utmp (unless some intermediary as utempter was used).
donnie@supernova ~ $ ls -l `which xterm` -rwxr-xr-x 1 root root 277808 Oct 27 09:54 /usr/bin/xterm Which X version and implementation do you have installed? Also, if you have xterm as a separate package, which version?
>Which X version and implementation do you have installed? Also, if you have xterm >as a separate package, which version? i have the xterm-196 installed. After digging a little deeper in the problem, I found that install script trying to copy permissions from already installed /usr/bin/xterm. /bin/sh ./sinstall.sh "/bin/install -c" xterm /usr/bin/xterm /var/tmp/portage/xterm-196/image//usr/bin/`echo xterm| sed 's/$//'|sed 's,x,x,'|sed 's/$//'` checking for presumed installation-mode ... if "/usr/bin/xterm" is null, try the ls -g option ... if "/usr/bin/xterm" is null, we do not look for group ... if we have date in proper columns (Ноя 8 15:37), "" is null ... derived user "root", group "utmp" of previously-installed xterm ... see if mode "-rwx--s--x" has s-bit set ... installing xterm as user "root", group "root" /bin/install -c -m 2711 -g utmp xterm /var/tmp/portage/xterm-196/image//usr/bin/xterm Now i can't say is this good or bad, but seems that some previous package of X has this permissons installed on xterm. Btw, without suid bit set, I can't open /dev/console under 2.6.9 kernel, xterm -C reported: xterm: cannot open console: Operation not permitted and console is crw------- 1 max tty 5, 1 Ноя 8 16:00 /dev/console do i need to open a new bug?
just found who is responsible for the last issue. it is tioccons-security.patch from Olaf Dabrunz <od at suse.de>, appeared in ac5 and mm patchsets
I've added 196-r1 for this. Thanks for the report!