The program /usr/libexec/pt_chown is setuid to root on Red Hat 6.0. This is unnecessary if you are using Unix98-style ptys with devfs, which is how Red Hat 6.0 is set up by default.

In fact, pt_chown doesn't seem to be used at all -- for instance, 'strace xterm' reveals that only /dev/ptmx is used and no attempt to look for or execute /usr/libexec/pt_chown is made. I've taken the setuid bit off it on my systems with no ill effects.

In the interest of removing all unnecessary setuid programs, I would recommend leaving the setuid bit off pt_chown in future releases of Red Hat.

Thanks,
Chris Wing
wingc.edu

The binary has to be setuid root for the apps that are using Unix98 ptys and have no root privileges - unlike xterm.

a1% rpm -q redhat-release
redhat-release-6.0-1
a1% ls -l `which xterm`
-rwxr-xr-x 2 root root 249024 Jun 14 13:53 /usr/X11R6/bin/xterm

One of the main benefits of Unix98 ptys is that you don't need to be setuid root to use them; the devpts filesystem automatically fills in the uid and gid of the pty to match that of the process which requested it via /dev/ptmx:

from /usr/src/linux/fs/devpts/inode.c:

devpts_pty_new():
|
|       inode->i_uid = sbi->setuid ? sbi->uid : current->fsuid;
|       inode->i_gid = sbi->setgid ? sbi->gid : current->fsgid;

The only reason why you'd need to keep pt_chown set-uid to root is if you are using glibc2.1 applications without Unix98 ptys; this isn't the case on RedHat 6.0, and hopefully won't be in the future.

So, I'd recommend stomping out another unnecessary set-uid root program :)

Thank you very much,
Chris Wing
wingc.edu

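Added example, not part of the bug report or of glibc: a small Linux-only C check of the behaviour described in the comment above. It opens /dev/ptmx without privileges and without calling grantpt(), then stats the slave node to see whether devpts already set the owner. It assumes devpts is mounted at /dev/pts; the function names are made up for this example.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/ioctl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Open /dev/ptmx and stat the slave node devpts created for us.
 * grantpt() is never called, so no setuid helper can be involved.
 * Returns 1 if the slave's owner is our effective uid, 0 if not
 * (e.g. devpts mounted with a uid= option), -1 if no Unix98 pty
 * could be allocated or inspected. */
int pty_slave_owned_by_caller(void)
{
    char path[64];
    struct stat st;
    unsigned int n;
    int ok = -1;
    int master = open("/dev/ptmx", O_RDWR | O_NOCTTY);

    if (master < 0)
        return -1;
    /* TIOCGPTN returns the index N of the slave /dev/pts/N. */
    if (ioctl(master, TIOCGPTN, &n) == 0) {
        snprintf(path, sizeof path, "/dev/pts/%u", n);  /* assumed mount point */
        if (stat(path, &st) == 0)
            ok = (st.st_uid == geteuid());
    }
    close(master);
    return ok;
}

/* Returns 1 if `path` is setuid and owned by root, 0 if it exists
 * but is not, -1 if it cannot be stat'ed (typically: not installed). */
int helper_is_setuid_root(const char *path)
{
    struct stat st;

    if (stat(path, &st) != 0)
        return -1;
    return (st.st_mode & S_ISUID) && st.st_uid == 0;
}

int main(void)
{
    printf("slave owned by caller: %d\n", pty_slave_owned_by_caller());
    printf("pt_chown setuid root:  %d\n",
           helper_is_setuid_root("/usr/libexec/pt_chown"));
    return 0;
}
```

A result of 1 from the first check together with 0 or -1 from the second means ptys work for unprivileged users with no setuid pt_chown on the system.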
Fixed in glibc-2.1.2-5 and later