On Tue, 28 Apr 1998, Stelios Bounanos wrote:
> Hello all,
>
> A quick question for you:
>
> Why are xterm, nxterm, rxvt and friends suid root?
> To be able to write to /var/log/wtmp and/or /var/run/utmp maybe?
> Any other reasons they should/shouldn't be suid-root?
>
>
> Thanks,
> sb.
>From what I just read in a CERT advisory, they are suid root in order
to create a security hole <g>. Seriously, there is apparently a hole
in xterm, and the announced workaround is to remove the suid bit.
The Open Group has no intention of patching it for X11R6.3, so XFree86
will have to fix it, I suppose...
Fred W. Noltie Jr.
Criterion Consulting
Coon Rapids, MN USA
Running Linux 2.0.33
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
