cvs commit: ports/x11/luit Makefile distinfo
ports/x11/luit/files patch-luit.c
Andrey Chernov
ache at FreeBSD.ORG
Tue Oct 11 01:06:49 UTC 2011
On Mon, Oct 10, 2011 at 08:26:08PM -0400, Sahil Tandon wrote:
> > It happens only if builded luit port have WITH_SETUID_LUIT set, otherwise
> > you don't notice the bug.
>
> Ah, so it does not actually affect the default packages as built by the
> clusters?
Yes, default packages are not affected, but building luit non-setuid by
default isn't a good choice in the first place due to this luit(1) quote:
On systems without SVR4 ("Unix-98") ptys (notably BSD variants), run-
ning luit as an ordinary user will leave the tty world-writable; this
is a security hole, and luit will generate a warning (but still accept
to run). A possible solution is to make luit suid root;
> Thanks; I believe eadler@ has already created a patch and shared it with
> you for review.
Yes. There was single line, which is enough:
CFLAGS+= -DBSD
--
http://ache.vniz.net/
More information about the cvs-ports
mailing list