Re: --with-gpm-mouse problems

From: Pavel Roskin <proski gnu org>
To: Walery Studennikov <despair sama ru>
Cc: <mc-devel gnome org>
Subject: Re: --with-gpm-mouse problems
Date: Wed, 1 Aug 2001 16:32:23 -0400 (EDT)

> Here's the patch against gpm-1.19.3.  I don't guarantee that it's secure.

Sorry, it's a patch against gpm-1.19.3 patched by RedHat.

> -  chmod(GPM_NODE_CTL,0700);
> +  chmod(GPM_NODE_CTL,0777);

This part is not needed in the official gpm.  This part comes from
gpm-1.19.1-secenhance.patch

If we want to use gpm on RedHat it may be needed to add another suid
wrapper, like cons.saver.  But I don't think using suid wrappers in
applications is a good idea.

I you are not allowed to read mouse events, then don't read them.  The
same applies to cons.saver and the console contents.

> -          if (strncmp(tty,"/dev/tty",8) || !isdigit(tty[8]))
> +          if ((strncmp(tty,"/dev/tty",8) && strncmp(tty,"/dev/vc/",8)) || !isdigit(tty[8]))

This still applies, but checking major and minor numbers would be a better
idea than checking the names.  It's not the only place where /dev/tty is
hardcoded.  I have no time to make a complete patch for gpm.  My priority
is to release MC as soon as possible.

-- 
Regards,
Pavel Roskin

References:
- Re: --with-gpm-mouse problems
  - From: Pavel Roskin

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]