The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

how to fix xterm

To: Thomas.Koenig@ciw.uni-karlsruhe.de (Thomas König), John Goerzen <jgoerzen@complete.org>
Subject: how to fix xterm
From: bruce@pixar.com (Bruce Perens)
Date: Wed, 4 Jun 97 21:55 PDT
Cc: sacampbe@mercator.math.uwaterloo.ca, maor@ece.utexas.edu, debian-private@lists.debian.org, bruce@pixar.com
References: <199706030724.JAA04856@mvmap66.ciw.uni-karlsruhe.de>
Reply-to: Bruce Perens <bruce@pixar.com>
Resent-cc: recipient list not shown: ;
Resent-date: 5 Jun 1997 05:58:15 -0000
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"NDTdT3.0.7d3.sLbbp"@debian>
Resent-sender: debian-private-request@lists.debian.org

> What about the chmod u-s for xterm?

From: John Goerzen <jgoerzen@complete.org>
> NO. This breaks MANY things.

Someone please give me a reality check. Would this change to the xterm design
work?

We write a setuid-wrapper for xterm. This wrapper acquires both sides of a
pty, changes its owner, mode, etc., and adds the utmp entry.
It sets in the environment a string that indicates the file
descriptor numbers of the pty, and then it forks. The child drops root
privilege, and then exec's the real xterm, which is no longer a setuid program.
Xterm gets the file descriptor numbers out of the environment, and uses the
open file descriptors that it inherited from the wrapper to access the pty.
When xterm exits, the wrapper wakes up, cleans up the pty permissions and
modes, removes the utmp entry, and exits.

This moves all of the things that require privilege into a small
wrapper that is not linked to the X libraries and is simple enough that
someone can desk-check it easily. The xterm program loses its setuid
bit but continues to have the same functionality as today.

This can be done to other terminal emulators like rxterm and rxvt as well.
The passing of access rights through inherited file descriptors that I
describe here is useful for addressing a number of similar security problems.

	Thanks

	Bruce
-- 
Bruce Perens K6BP   Bruce@Pixar.com   510-215-3502
Finger bruce@master.Debian.org for PGP public key.
PGP fingerprint = 88 6A 15 D0 65 D4 A3 A6  1F 89 6A 76 95 24 87 B3 


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Follow-Ups:
- Re: how to fix xterm
  - From: Mark Eichin <eichin@cygnus.com>
- Re: how to fix xterm
  - From: bruce@pixar.com (Bruce Perens)

References:
- Re: Guy: Please change "frozen" to "stable" and release Debian 1.3 .
  - From: Thomas Koenig <ig25@mvmap66.ciw.uni-karlsruhe.de>

Prev by Date: Re: Guy: Please change "frozen" to "stable" and release Debian 1.3 .
Next by Date: Re: Our social contract with the free-software community
Previous by thread: Re: Guy: Please change "frozen" to "stable" and release Debian 1.3 .
Next by thread: Re: how to fix xterm
Index(es):
- Date
- Thread