[1844] in NetBSD-Development
Re: Please fix old X11 security issues
daemon@ATHENA.MIT.EDU (Dan Winship)
Sun Feb 14 12:22:51 1999
To: netbsd-dev@MIT.EDU
In-Reply-To: Your message of "Fri, 12 Feb 1999 22:46:56 EST."
<199902130346.WAA17868@luminous.mit.edu>
Date: Sun, 14 Feb 1999 12:21:21 EST
From: Dan Winship <danw@MIT.EDU>

I'm not sure how many people are still using these, or how we could
even check that...

I poked around. In /afs/sipb/system/i386_nbsd1/usr/X11R6, the setuid
binaries are SuperProbe, xterm, and the X servers. The 7.7.2 packs
remove SuperProbe, but add dga and a setgid xload.

The X servers shouldn't need to be setuid the way we've always set
things up.

No one will suffer if we un-setxid SuperProbe, xload, and dga.

xterm could be tricky... but I suppose if people lose, we can just
tell them to upgrade to the current release?

So, any objections to unsetuiding the whole lot? (and perhaps sending
mail to netbsd-announce in case people are still using them)

-- Dan
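
The audit and cleanup discussed in the message above, as an added example that is not part of the original post: a POSIX shell sketch that lists setuid/setgid files under a tree and clears both bits on everything except a caller-supplied keep-list. The function names, the tree argument and the keep-list are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): audit and clear
# setuid/setgid bits under a tree such as an X11R6 install.
# Assumes file names contain no newlines.

# list_setxid TREE
# Print every regular file under TREE that has the setuid (4000) or
# setgid (2000) bit set, one path per line, sorted.
list_setxid() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print | sort
}

# strip_setxid TREE [KEEP...]
# Clear both bits on every file list_setxid reports, except files whose
# basename appears in KEEP. Reports one line per file it looked at.
strip_setxid() {
    tree=$1
    shift
    list_setxid "$tree" | while IFS= read -r f; do
        base=${f##*/}
        skip=no
        for k in "$@"; do
            if [ "$base" = "$k" ]; then
                skip=yes
            fi
        done
        if [ "$skip" = yes ]; then
            echo "kept     $f"
        else
            # u-s drops setuid, g-s drops setgid; other mode bits stay.
            chmod u-s,g-s "$f" && echo "cleared  $f"
        fi
    done
}

# Typical use (the path is a placeholder, not taken from the message):
#   list_setxid /path/to/X11R6            # review first
#   strip_setxid /path/to/X11R6 xterm     # clear all but xterm
```

Running `list_setxid` before and after gives a record of what changed, which is useful to include in an announcement to users.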