24844 – /usr/libexec/pt_chown has wrong permissions

Bug 24844 - /usr/libexec/pt_chown has wrong permissions

Summary: /usr/libexec/pt_chown has wrong permissions

Keywords:
Status:	CLOSED DEFERRED
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	glibc
Sub Component:
Version:	7.0
Hardware:	i386
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Jakub Jelinek
QA Contact:	Aaron Brown
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-01-24 13:24 UTC by Need Real Name
Modified:	2016-11-24 15:05 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2001-01-25 06:24:35 UTC
Embargoed:

Attachments	(Terms of Use)

Description Need Real Name 2001-01-24 13:24:45 UTC

Symptoms: run mc under non-privileged user account and you are unable to
use subshell there.

Reason: after glibc-common-2.2-12 (or glibc before splittting it to two
rpms) install, the file permissions for /usr/libexec/pt_chown are set
incorrectly. They are 600, while they must be 755, and pt_chown must be
suid root also.

Consequences: glibc always fails in grantpt() returning ENOEXEC in errno,
because of the incorrect file permisions in pt_chown

Why? Because /usr/libexec/pt_chown is a helper app used by glibc to change
ownership of the slave end of a pseudo-terminal. This is what grantpt()
does.
Since permissions are set to 600 on pt_chown, glibc can't execute it from
the grantpt() function, and hence we get ENOEXEC.

Comment 1 Jakub Jelinek 2001-01-24 14:55:15 UTC

This is intentional. We don't want to ship an unneeded suid program
(it is not needed when you have /dev/pts mounted) but we ship it there so
folks who explicitely don't want to use /dev/pts (installer sets up /dev/pts
mounting btw) can chmod 4755 /usr/libexec/pt_chown themselves.
/usr/libexec/pt_chown had 600 permissions for long time already, I've just
checked glibc-2.1.92-14 which shipped in 7.0 originally and it has the same
permissions.
mc spawns a subshell when I login as normal user on console without any problems.

Comment 2 Need Real Name 2001-01-25 06:24:32 UTC

How about adding post-install script to glibc-common, which detects absence of
/dev/pts and sets proper permissions to pt_chown?

Your mc works fine either because you have /dev/pts or because permissions on
pt_chown are 755/suid. In my case I did not have /dev/pts and glibc-common did
not detect it during install and mc wouldn't spawn subshell. Because without
/dev/pts glibc needs pt_chown with access rights 755, but again, glibc-common
doesn't do that, EVEN when there is no /dev/pts.

So this is rather a bug anyway. glibc-common must detect whether there is
/dev/pts and act accordingly, adjusting permissions for /usr/libexec/pt_chown.

Comment 3 Need Real Name 2001-01-25 06:35:37 UTC

NOTE: I didn't notice /dev/pts in my mount output:

[pirks@alg158ghy74l ~]$ mount
/dev/hda8 on / type ext2 (rw)
none on /proc type proc (rw)
/dev/hda7 on /mnt/fat type vfat (rw,uid=500,gid=500)
/dev/hda3 on /mnt/fat2 type vfat (rw,uid=500,gid=500)
/dev/hda5 on /mnt/ext2 type ext2 (rw)
[pirks@alg158ghy74l ~]$ ls /dev/pts
ls: /dev/pts: No such file or directory

So now the question is why installer did not set up /dev/pts on my system, which
is another issue.
Is there a way I can check if /dev/pts was installed by glibc-common? A special
file somewhere or something like? OK, I can check the post-install script in a
while. If I find something interesting, I'll post it here.

Note You need to log in before you can comment on or make changes to this bug.