[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: KDE and setuid programs
From:       Harri Porten <porten () trolltech ! com>
Date:       2002-07-01 14:59:45
[Download RAW message or body]

On Mon, 1 Jul 2002, Malte Starostik wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Am Monday 01 July 2002 14:14 schrieb Robin Atwood:
> > I just got a mail from a user of my Kall program that it won't work as a
> > normal user. Curiously, no one else seems to have noticed this and I always
> > test and build as root (not a good idea, I suppose). The problem is
> > creating the UUCP locking file "/var/lock/LCK..ttyS0" or whatever, the user
> > needs root privilege. The solution would be to make the kall binary setuid
> > root but KDE does not allow this. kppp can obviously do this, so what's the

kppp isn't a setuid KDE application btw. The frontend runs with regular
user permissions.

> > general strategy?
> On my box, /var/lock/ belongs to group uucp and is group-writable. IMHO the 
> better alternative than making the whole program suid.

Sure. And it would be interesting to know why the anti-setuid check
doesn't work relyably. Joseph ?

Harri.

 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]