[xorg-bugzilla-noise] [Bug 1029] New: Hard failure if socket
directories cannot be chowned to root is bad
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Aug 10 17:29:17 PDT 2004
Please do not reply to this email: if you want to comment on the bug, go to
the URL shown below and enter yourcomments there.
https://freedesktop.org/bugzilla/show_bug.cgi?id=1029
Summary: Hard failure if socket directories cannot be chowned to
root is bad
Product: xorg
Version: CVS_head
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Lib/xtrans
AssignedTo: xorg-bugzilla-noise at freedesktop.org
ReportedBy: torrey at mrcla.com
CC: eich at pdx.freedesktop.org
OtherBugsDependingO 351
nThis:
The most recent revision to lib/xtrans/Xtransutil.c causes significant problems for non-setuid Xservers
such as XDarwin. Here is the cvs commit info:
revision 1.4
date: 2004-07-30 21:00:20 +0000; author: eich; state: Exp; lines: +90 -19
2004-07-30 Egbert Eich <eich at freedesktop.org>
* lib/xtrans/Xtransutil.c: (trans_mkdir):
fail hard if socket directories cannot be chowned to root or
chmod'ed to the requested mode if 'sticky' bit is requested for
this directory instead of just print a warning that will remain
unnoticed most of the times.
And the comment from the file:
/*
* 'sticky' bit requested: assume application makes
* certain security implications. If effective user ID
* is != 0: fail as we may not be able to meet them.
*/
This seems draconian as non-setuid servers can never satisfy this requirement. What real security risks
make it worth a hard failure? If nothing else this test should be dropped when the Imakefile setting
InstallXserverSetUID is false.
--
Configure bugmail: https://freedesktop.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the xorg-bugzilla-noise
mailing list