From kde-devel Wed Jan 06 19:57:32 1999 From: "Patrick D. Dowler" Date: Wed, 06 Jan 1999 19:57:32 +0000 To: kde-devel Subject: Re: Konsole - a security vs. portability problem X-MARC-Message: https://marc.info/?l=kde-devel&m=91565297502848 It seems that there are several choices: 1. if system supports the necessary ioctl, you can have session feature and privacy without suid (seems to be the best of all) 2. if the system doesn't support the necessary ioctl, you can a) install normally and not have privacy (can't chown/chmod) b) install suid, disable session feature, and have some security by dropping priviledges after chmod/chown'ing the pty - then you get privacy at the expense of sessions, with minimal security problem from suid c) install suid, don't drop priviledges, and have session feature 3. Could you do 2a but set up something like sudo to let users change the priviledges of the pty's they open? Would sudo be any more portable? It seems that to get privacy and sessions, you need the cooperation of the sysadmin in any case... Patrick Dowler Victoria, BC