[1282] in bugtraq

Re: safe logging xterm

daemon@ATHENA.MIT.EDU (Adam Shostack)
Thu Mar 16 20:53:31 1995

From: Adam Shostack <adam@bwh.harvard.edu>
To: banz@umbc.edu (Robert Banz)
Date: Thu, 16 Mar 1995 19:09:05 -0500 (EST)
Cc: bugtraq@fc.net
In-Reply-To: <Pine.SGI.3.91.950316174058.16291A-100000@spork.acs.umbc.edu> from "Robert Banz" at Mar 16, 95 05:42:07 pm


| > Yes, it leaves setuid on a program that is way too large.  Xterm tends
| > to be setuid so it can write to utmp.  That's a bad reason to make a
| > large program setuid.
| 
| Hm.  Why not make utmp group "bob" writable, and make xterm setgid "bob"?
| 
| just an idea...  at least it cuts down on what they can do if they
| somehow 'hack' xterm...they get "bob" access...

	Several kind folks pointed out to me that Xterm is setuid so
it can chown the pty, not so it can write to utmp.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume
