Search the FAQ Archives

3 - A - B - C - D - E - F - G - H - I - J - K - L - M
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
faqs.org - Internet FAQ Archives

comp.windows.x Frequently Asked Questions (FAQ) 6/7
Section - 131) How do I get around the SunOS 4.1 security hole?

( Part1 - Part2 - Part3 - Part4 - Part5 - Part6 - Part7 - Single Page )
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Business Photos and Profiles ]


Top Document: comp.windows.x Frequently Asked Questions (FAQ) 6/7
Previous Document: 130) Can OW 3.0 OLIT programs run with R5 Xt? (_XtQString undefined)
Next Document: 132) How do I get around the frame-buffer security hole?
See reader questions & answers on this topic! - Help others by sharing your knowledge

	There is a security problem with certain R4 clients (xterm and xload)
running under SunOS 4.1 that have been installed setuid root and are using 
shared libraries; to avoid the problem, do one of these:
	1) make the program non-setuid. You should consult your system
administrator concerning protection of resources (e.g. ptys and /dev/kmem) used
by these programs, to make sure that you do not create additional security 
problems at your site.
	2) relink the programs statically (using -Bstatic).
	3) install the libraries before linking and link with absolute paths
to the libraries.

[from rws@x.org (Bob Scheifler), 12/90]

Newer versions  of xterm (R5/R6) do this automatically by rebuilding xterm
against the newly-installed libraries when xterm is being installed; this
prevents an suid program from being built with libraries specified
relatively. Note that this may cause an inconvenience when doing the
installation from NFS-mounted disks.  Xload has been rewritten to avoid the
problem.

User Contributions:

Comment about this article, ask questions, or add new information about this topic:

CAPTCHA




Top Document: comp.windows.x Frequently Asked Questions (FAQ) 6/7
Previous Document: 130) Can OW 3.0 OLIT programs run with R5 Xt? (_XtQString undefined)
Next Document: 132) How do I get around the frame-buffer security hole?

Part1 - Part2 - Part3 - Part4 - Part5 - Part6 - Part7 - Single Page

[ Usenet FAQs | Web FAQs | Documents | RFC Index ]

Send corrections/additions to the FAQ Maintainer:
faq%craft@uunet.uu.net (X FAQ maintenance address)





Last Update March 27 2014 @ 02:12 PM