Re: utmp and friends

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Miroslav Lichvar (mlichvar@xxxxxxxxxx) said: 
> The problem is that setgid binaries have some environment variables
> like LD_LIBRARY_PATH and TMPDIR removed. I got bugs #229360 #243069
> reported for xterm. Unfortunately I can't fix it unless utempter is
> accessible without setgid. Do we really need to protect the file from
> bad applications?
> 
> Gnome-terminal, on the other hand, uses gnome-pty-helper binary that
> has utmp setgid. The binary is not hidden and every application can
> make entries in the utmp file.
> 
> To have some consistency, either gnome-pty-helper needs to be also
> made accessible only to the utempter group and gnome-terminal is made
> setgid or utemper is made accessible to everyone and xterm drops setgid.

The entire idea of utempter is so that the terminal *doesn't* need to be
setgid - if it's setgid, what's the point of a helper?

Bill

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux