From Bugzilla Helper: User-Agent: Mozilla/4.75 [en] (X11; U; SunOS 5.8 sun4u) Description of problem: When executed by a non-privelidged user, the latest minicom cannot open a lock file in /var/lock because it is not setgid uucp. This can easily be fixed with: chgrp uucp /usr/bin/minicom chmod g+s /usr/bin/minicom How reproducible: Didn't try Additional info: This should be fixed in the next release of that RPM.
This is very much not a bug. The bug was minicom before *did* allow non root users to use it. minicom, as confirmed by the original author, and subsequent maintainers, and also collective securioty folk all say that minicom was not ever designed with security in mind. It was not intended to be used by non-root users in secure systems. The code contains many format string bugs, some of which are not fixable without major redesign of significant portions of the code, and likely with incompatible changes to the scripting language, especially in the do_log function. There are numerous other security vulnerabilities likely lurking in the code also. A recent audit and community discussion resulted in widespread common agreement by all vendors involved, and various other security folk that minicom should indeed not be executable by non root. This may be unfortunate for those who need it or rely on it, but the security problems are many and deep, and secuity trumps convenience in default install situations I'm afraid. For those who require the functionality and cannot use other more secure software, as a workaround, suid/sgid the binary, but in doing so, realize that you are running exploitable software when doing so.