On Wed, Apr 03, 2002 at 04:48:52AM -0800, Terry Lambert wrote: > Ruslan Ermilov wrote: > > Hi! > > > > This is a JFYI that the UCONSOLE kernel option has been phased > > out as insecure. Fix your configs. > > Cool. > > I guess you will be making xconsole SUID so that it can still > grab the console, right?
On Wed, Apr 03, 2002 at 09:35:11AM -0700, Nate Williams wrote: > > > However, it was required for some X applications to work correctly, > > > which is why it was still being used. > > > > No, it's just required for them to work when run by unprivileged > > users. > > Things like xconsole *are* run by unprivileged users. : $ cat /etc/X11/xdm/GiveConsole : #!/bin/sh : # Assign ownership of the console to the invoking user : # $XConsortium: GiveConsole,v 1.2 93/09/28 14:29:20 gildea Exp $ : # : # By convention, both xconsole and xterm -C check that the : # console is owned by the invoking user and is readable before attaching : # the console output. This way a random user can invoke xterm -C without : # causing serious grief. : # : chown $USER /dev/console Cheers, -- Ruslan Ermilov Sysadmin and DBA, [EMAIL PROTECTED] Sunbay Software AG, [EMAIL PROTECTED] FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age
msg36948/pgp00000.pgp
Description: PGP signature
