On Mon, May 07, 2001 at 12:54:52PM -0400, Rob Mahurin wrote:
> This is the purpose of "wishlist" bugs. See bug#96677.
> Severity: wishlist; Package: xscreensaver; ;Reported by: Rob Mahurin <[EMAIL
> PROTECTED]>; dated Mon, 7 May 2001
Hey, thanks for sending that "bug" in!
--
Alex Suzuki | [EMA
On Mon, May 07, 2001 at 04:15:36PM +0200, Alex Suzuki wrote:
> On Mon, May 07, 2001 at 04:12:51AM -0400, Rob Mahurin wrote:
> > You should probably file a bug on the package, if it's not useable
> > without introducing a security risk. Perhaps someone more familiar
> > with the code could seperate
On Mon, May 07, 2001 at 04:12:51AM -0400, Rob Mahurin wrote:
> You should probably file a bug on the package, if it's not useable
> without introducing a security risk. Perhaps someone more familiar
> with the code could seperate out the part that needs special
> privileges into a seperate setuid
On Sat, May 05, 2001 at 08:33:38PM +0200, Alex Suzuki wrote:
> On Sat, May 05, 2001 at 12:42:36PM -0500, John Hasler wrote:
> > Even if the application itself is free of buffer overflows and such you
> > would be granting root access to wads of unaudited and buggy library code.
>
> yeah, I guess y
Alex Suzuki writes:
> yeah, I guess you're right... too bad I love that screensaver
There should be a way to make it work without making the X stuff setuid
root.
--
John Hasler
[EMAIL PROTECTED]
Dancing Horse Hill
Elmwood, Wisconsin
On Sat, May 05, 2001 at 12:42:36PM -0500, John Hasler wrote:
> Even if the application itself is free of buffer overflows and such you
> would be granting root access to wads of unaudited and buggy library code.
yeah, I guess you're right... too bad I love that screensaver :)
--
Alex Suzuki | [EM
I wrote:
> Don't. X programs should not be setuid root.
Alex Suzuki writes:
> Why?
Even if the application itself is free of buffer overflows and such you
would be granting root access to wads of unaudited and buggy library code.
--
John Hasler
[EMAIL PROTECTED] (John Hasler)
Dancing Horse Hill
On Sat, May 05, 2001 at 09:28:33AM -0500, John Hasler wrote:
> Don't. X programs should not be setuid root.
Why? Is this a security issue (like remotely connecting to
my X-Server?
--
Alex Suzuki | [EMAIL PROTECTED] | http://www.cynox.ch
To send me an email, remove NOSPAM from the above address
Alex Suzuki writes:
> here's what it's manpage says:
> "In order to use the ping sensor, this program must be
> installed as setuid root, so that it can create an ICMP socket."
> How do I do that?
Don't. X programs should not be setuid root.
--
John Hasler
[EMAIL PROTECTED] (John Hasler)
Danci
9 matches
Mail list logo
