Bug 4389
Summary: | /usr/libexec/pt_chown doesn't have to be setuid root | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | wingc |
Component: | glibc | Assignee: | Cristian Gafton <gafton> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.0 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 1999-08-16 18:29:21 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
wingc
1999-08-06 04:33:54 UTC
The binary has to be setuid root for the apps that are using UNix98 ptys and have no root priviledges - unlike xterm. a1% rpm -q redhat-release redhat-release-6.0-1 a1% ls -l `which xterm` -rwxr-xr-x 2 root root 249024 Jun 14 13:53 /usr/X11R6/bin/xterm One of the main benefits of Unix98 ptys is that you don't need to be setuid root to use them; the devpts filesystem automatically fills in the uid and gid of the pty to match that of the process which requested it via /dev/ptmx: from /usr/src/linux/fs/devpts/inode.c: devpts_pty_new(): | | inode->i_uid = sbi->setuid ? sbi->uid : current->fsuid; | inode->i_gid = sbi->setgid ? sbi->gid : current->fsgid; The only reason why you'd need to keep pt_chown set-uid to root is if you are using glibc2.1 applications without Unix98 ptys; this isn't the case on RedHat 6.0, and hopefully won't be in the future. So, I'd recommend stomping out another unnecessary set-uid root program :) Thank you very much, Chris Wing wingc.edu Fixed in glibc-2.1.2-5 and later |