Re: cons.saver not suid root



On Wed, Jun 08, 2005 at 06:06:03PM +0200, Tomasz Kłoczko wrote:

> BTW: in case Linux now I don' see cons.saver usage.
> 
> $ strace -o out mc; grep cons.saver out
> 
> with few times ctrl-o during strace show nothing (?).
> 
> Q: is in case Linux cons.saver is still neccessary ?

Yes. In case mc's running on text console you need raw read-write access to
vcsa* in order to get ctrl-o working. There are two approches for this
situation, one is the setuid/setgid cons.saver wrapper, the other is
granting access for the user to the vcsa devices, e.g. make vcsa owned by
the user. The problem with the latter one is that there's no way to revoke
this from the user under Linux, once you open it you can hold it open as
long as the system is up and hence you can watch other people's data
there if someone else logs in there...



-- 
Egmont



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]