Re: [XonX-Users] Xterm SUID?
Brought to you by:
torrey
Menu
▾
▴
Re: [XonX-Users] Xterm SUID?
|
From: John D. P. <joh...@ma...> - 2004-12-31 00:19:26
|
On 30 Dec 2004, at 13:27, Patrik Montgomery wrote: >> Terminal.app launches /usr/bin/login, which is prolly the best thing >> to >> do, as it is something that must be SUID anyway, and so should handle >> all the things together that might require that. This has the >> unfortunate side-effect of launching the default login shell... oh, >> wait, that's what its supposed to do. ;-) >> > Are you sure that's what it does? I don't think Terminal.app does > anything > that requires root access. I think it only launches the relevant shell > as a > login shell - you don't get a login prompt when you open a Terminal > window, > do you? If you check the archives for this list (should be at > sourceforge, right?), > you will find an old discussion between Torrey, Greg Parker and yours > truly. > The subject has been up before. Yes, I'm sure that's what it does. I use pstree to show how its laid out. Attached is a pretty screen-shot from Activity Monitor. It does not, however, do this if in Preferences you have it launch a specific shell (even if that shell is your login shell). It does not just launch login, the command line used is "login -pf userName" -p makes it preserve the environment and -f makes it accept the user name, with no password, so long as it is being run by either root or that user. It does make your shell show up in who(1) or w(1). I'm not sure if those flags are portable, but if they are generally accepted or equivalents are available then that should be the norm, always, on every platform. This means that Xterm never has to query for the login shell, and it means that there are not ugly races in modifying utmp or whatever. It would even work on systems where that file does not exist and users are tracked by some other method. JP |
