Newsgroups: comp.windows.x Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!caen!news.cs.indiana.edu!ux1.cso.uiuc.edu!phil From: phil@ux1.cso.uiuc.edu (Phil Howard KA9WGN) Subject: Re: Xterm cannot write log files Message-ID: <1991Apr10.222541.14268@ux1.cso.uiuc.edu> Organization: University of Illinois at Urbana References: <9104100652.AA06486@lightning.McRCIM.McGill.EDU> Date: Wed, 10 Apr 1991 22:25:41 GMT Lines: 34 mouse@lightning.mcrcim.mcgill.EDU (der Mouse) writes: >> Is there any pressing reason for xterm to be suid root ? >Not unless you want utmp entries for your xterm windows. (Unless you >make utmp world-writeable, which opens up other, fairly serious, >security holes, but that may be acceptable in trusting environments.) An alternate strategy that involves UNIX's "philosophy" of having extra processes: Write a root program called xutmp or something like that. When xterm is going to otherwise exec the shell in its child under conditions it would update utmp, it should instead exec xutmp. What xutmp will do is update the utmp, fork again and exec the shell, and wait for the shell to exit. When the shell exits, update utmp and exit back to xterm. It would be YET ANOTHER PROCESS, but it seems often that UNIX programmers are already rather liberal with processes, so only the critics of such programmers should complain (I'm not sure if I am or not). xutmp would have to be smart enough to deal with cases of whether or not utmp already reflects an entry for the same tty, and NOT any updates if that is the case (and it can bypass the fork in that case as well). That would prevent some user messing up utmp. Then xterm could run as owned by the user (and those of us without root ids can kill all those errant xterms that seem to hang around all the time). -- /***************************************************************************\ / Phil Howard -- KA9WGN -- phil@ux1.cso.uiuc.edu \ \ Lietuva laisva -- Brivu Latviju -- Eesti vabaks / \***************************************************************************/