On Wed, Jun 27, 2007 at 08:25:24AM -0400, Bill Nottingham wrote: > Miroslav Lichvar (mlichvar@xxxxxxxxxx) said: > > > The entire idea of utempter is so that the terminal *doesn't* need to be > > > setgid - if it's setgid, what's the point of a helper? > > > > Well, the terminal doesn't need to be setgid utmp, but only utempter. > > Setgid utempter allows only adding/removing entries in utmp while > > setgid utmp allows unrestricted access. > > Only if it's coded wrong (doesn't drop privs, etc.). By adding a > setgid to the binary, you're making the point of separating it > merely a code-sharing issue, as opposed to any huge security gains. > > I'd remove the block on the directory - basically, you're intentionally > breaking user's environments for illusory security. Ok, I've filed a bug report to drop the requirement in libutempter (#246063). -- Miroslav Lichvar -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
