[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: Konsole - a security vs. portability problem
From:       "Patrick D. Dowler" <dowler () pt1B1106 ! FSH ! UVic ! CA>
Date:       1999-01-06 19:57:32
[Download RAW message or body]


It seems that there are several choices:

1.  if system supports the necessary ioctl, you can have session feature and
privacy   without suid (seems to be the best of all)

2. if the system doesn't support the necessary ioctl, you can

   a) install normally and not have privacy (can't chown/chmod)

   b) install suid, disable session feature, and have some security by
       dropping priviledges after chmod/chown'ing the pty - then
       you get privacy at the expense of sessions, with minimal security
       problem from suid

   c) install suid, don't drop priviledges, and have session feature

3. Could you do 2a but set up something like sudo to let users
    change the priviledges of the pty's they open? Would sudo be
    any more portable? It seems that to get privacy and sessions, you
    need the cooperation of the sysadmin in any case...


Patrick Dowler
Victoria, BC

[prev in list] [next in list] [prev in thread] [next in thread]