Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!tut.cis.ohio-state.edu!uc!cs.umn.edu!brsmith
From: brsmith@cs.umn.edu (Brian R. Smith)
Newsgroups: comp.windows.x
Subject: Security problem with xterm?
Keywords: security console X
Message-ID: <1990Jul6.025816.6905@cs.umn.edu>
Date: 6 Jul 90 02:58:16 GMT
Organization: University of Minnesota, Minneapolis, CSci dept.
Lines: 66

#ifdef SWALLOW_EXCUSES

  Pardon me if this has been brought up before - trying to keep
  up with comp.windows.x gives me nightmares...

#endif

[Sun 3, SunOS 3.4, X11R4 pl11 (but it was the same in X11R3)]

If you use the "-C" option to xterm when you're NOT logged in on the
console, the console becomes useless.  We've gotten burned by this
several times - when a naive user has made all his xterm's into
"console" xterms or such.

I've got a two-line hack to mit/clients/xterm/main.c that fixes it - I
don't *think* there are any side effects...  (you should be able to
just run this through patch.  The line numbers may be slightly off -
we have some (other) non-standard patches...)

Better solutions would be welcome.  (... this is one of the *minor*
things I'd like to see "fixed in R5".  Or just a re-written, compact,
simple xterm... maybe with scalable fonts and color cycling... yea,
that'd be cool... :-))

======================================================================
*** main.c.orig Thu Jul  5 21:42:09 1990
--- main.c      Thu Jul  5 21:43:34 1990
***************
*** 298,304 ****
  static char passedPty[2];     /* name if pty if slave */

  #ifdef TIOCCONS
! static int Console;
  #endif        /* TIOCCONS */
  #ifndef USE_SYSV_UTMP
  static int tslot;
--- 298,304 ----
  static char passedPty[2];     /* name if pty if slave */

  #ifdef TIOCCONS
! static int Console = FALSE;
  #endif        /* TIOCCONS */
  #ifndef USE_SYSV_UTMP
  static int tslot;
***************
*** 718,724 ****
                /* NOTREACHED */
             case 'C':
  #ifdef TIOCCONS
!               Console = TRUE;
  #endif        /* TIOCCONS */
                continue;
             case 'S':
--- 718,725 ----
                /* NOTREACHED */
             case 'C':
  #ifdef TIOCCONS
!               if (access("/dev/console", R_OK | W_OK) == 0)
!                 Console = TRUE;
  #endif        /* TIOCCONS */
                continue;
             case 'S':
======================================================================
--
Brian
brsmith@cs.umn.edu