Sorry for the delay on this summary.
> Date: Wed, 03 May 1995 08:26:39 CDT
> To: email@example.com
> From: "Brian T. Wightman" <firstname.lastname@example.org>
> Subject: suid bit on xterm/shelltool/cmdtool
> Hi all,
> I am trying to set up xterm/shelltool/cmdtool so that the ownership of a
> tty is changed to the person using the program. This will allow things
> like "mesg n", etc to work. I know that you can set the suid bit on an
> xterm and it will do this. I now have a couple of questions...
> 1) Are there any problems that anyone knows about with setting the
> suid bit on xterm (this is the one distributed with openwindows
> 3.0 and openwindows recommended patches)? I am looking for
> security considerations and other "quirks".
> 2) Can the same thing be done with shelltool/cmdtool (again, OW3.0
> with recommended patches)? I tried on an isolated box and when
> it was suid, it would not even execute. I got the following
> A command window has exited because its child exited.
> Its child's process id was 8572 and it exited with return code 1.
> Configuration is SunOS 4.1.3/OW 3.0 with all recommended patches.
> I could switch all users to xterms, but I have too many users that use
> Thanks in advance,
> I will summarize (as is policy)
> Brian T. Wightman email@example.com
> Academic Computing, UW-Oshkosh firstname.lastname@example.org
> 800 Algoma Blvd, Dempsey Hall 307 http://sol.acs.uwosh.edu/~wightman
> Oshkosh, Wisconsin 54901 Phone: (414) 424-3020
I would like to that the following people for their help:
Brian Utterback <email@example.com>
Casper Dik <casper@Holland.Sun.COM>
Gene Rackow <firstname.lastname@example.org>
Glenn.Satchell@uniq.com.au (Glenn Satchell - Uniq Professional Services)
John Valdes <email@example.com>
bern@TI.Uni-Trier.DE (Jochen Bern)
firstname.lastname@example.org (Arash Jahangir)
sten@ergon.CH (Sten Gunterberg)
The overwelming response was that unless I get the source for xterm
(from X11R6 or X11R5pl26 or greater) and compile it myself, I would be
open to problems. Shelltool and cmdtool are definitely not candidates
One further query - I ran some tests on the version of xterm bundled
with Sunos4.1.3, and tried setting it suid root. Everything worked
fine, even to the point of not allowing logging if I did not have
permission to write to / create the log file that I passed on the
command line. If I had permission to write to the log file,
everything worked, which would be the correct behavior, I think. Am I
missing something here, or has Sun patched xterm and never let anyone
know about it...
Brian (caught up on summaries, I hope)
Brian T. Wightman email@example.com
Academic Computing, UW-Oshkosh firstname.lastname@example.org
800 Algoma Blvd, Dempsey Hall 307 http://sol.acs.uwosh.edu/~wightman
Oshkosh, Wisconsin 54901 Phone: (414) 424-3020
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:10:27 CDT