Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be available on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 4389 - /usr/libexec/pt_chown doesn't have to be setuid root
Summary: /usr/libexec/pt_chown doesn't have to be setuid root
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: glibc
Version: 6.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Cristian Gafton
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 1999-08-06 04:33 UTC by wingc
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 1999-08-16 18:29:21 UTC

Attachments (Terms of Use)

Description wingc 1999-08-06 04:33:54 UTC
The program /usr/libexec/pt_chown is setuid to root on Red
Hat 6.0. This is unnecessary if you are using Unix98-style
ptys with devfs, which is how Red Hat 6.0 is set up by

In fact, pt_chown doesn't seem to be used at all-- for
instance, 'strace xterm' reveals that only /dev/ptmx is used
and no attempt to look for or execute /usr/libexec/pt_chown
is made.

I've taken the setuid bit off it on my systems with no ill

In the interest of removing all unncecessary setuid
programs, I would recommend leaving the setuid bit off
pt_chown in future releases of Red Hat.


Chris Wing

Comment 1 Cristian Gafton 1999-08-11 01:50:59 UTC
The binary has to be setuid root for the apps that are using UNix98
ptys and have no root priviledges - unlike xterm.

Comment 2 wingc 1999-08-11 02:24:59 UTC
a1% rpm -q redhat-release
a1% ls -l `which xterm`
-rwxr-xr-x   2 root     root       249024 Jun 14 13:53

One of the main benefits of Unix98 ptys is that you don't need to be
setuid root to use them; the devpts filesystem automatically fills in
the uid and gid of the pty to match that of the process which
requested it via /dev/ptmx:

from /usr/src/linux/fs/devpts/inode.c: devpts_pty_new():
|  inode->i_uid = sbi->setuid ? sbi->uid : current->fsuid;
|  inode->i_gid = sbi->setgid ? sbi->gid : current->fsgid;

The only reason why you'd need to keep pt_chown set-uid to root is if
you are using glibc2.1 applications without Unix98 ptys; this isn't
the case on RedHat 6.0, and hopefully won't be in the future.

So, I'd recommend stomping out another unnecessary set-uid root
program :)

Thank you very much,

Chris Wing

Comment 3 Cristian Gafton 1999-08-16 18:29:59 UTC
Fixed in glibc-2.1.2-5  and later

Note You need to log in before you can comment on or make changes to this bug.