---- [ Alaric S. Haag, Computer Manager haag_at_imr00.me.lsu.edu ] [ Louisiana State University, Mech. Engr. Dept. FAX: (504) 388-5924 ] [ Baton Rouge, LA 70803 Opinions: (504) 388-5897 ] "I've got dust in my mind's eye!!" - Me Responses follow: ================================================================= From: MX%"orman_at_cnde.iastate.edu" 9-MAY-1995 17:10:09.76 [...deletia...] hmm could be because xterm is suid root on alphas. alphaone:X11 5:03pm>ls -l xterm -rwsr-xr-x 1 root bin 221184 Feb 3 00:51 xterm* alphaone:X11 5:03pm>pwd /usr/bin/X11 -- _______ ___ _________ +------------------------------------+ /\______\ /\__\ /\________\ | David L Orman | / / ___ \/ / / / / ___ / | orman_at_iastate.edu | / / / \ \/ / / / / / / | Systems Administrator CNDE | / / / / / /___ / / / / / | ----------- Iowa State ----------- | / / /___/ / /____\ / /__/ / |Center For NonDestructive Evaluation| \/__________/_________/________/ |____________________________________| ================================================================= From: MX%"jwright_at_phy.ucsf.edu" 9-MAY-1995 17:25:32.89 [...deletia...] % lsl /usr/bin/X11/xterm -rwsr-xr-x 1 root bin 229376 Feb 22 1994 /usr/bin/X11/xterm* xterm is suid root. of course it will run as root. why have such a bloated, insecure program suid root? so it can update /var/adm/utmp. whether this is reasonable is a long argument. looks like the man page doesn't discuss this, even though it has a section on "security". Jim Wright Keck Center for Integrative Neuroscience jwright_at_phy.ucsf.edu Department of Physiology, Box 0444 voice 415-502-4874 513 Parnassus Ave, Room HSE-811 fax 415-502-4848 UCSF, San Francisco, CA 94143-0444 ================================================================= From: MX%"SEB_at_LNS62.LNS.CORNELL.EDU" 9-MAY-1995 17:25:59.41 [...deletia...] Ric, Well, I'm not saying it isn't something to be concerned about, but when I did a "ps -ef" from my personal nonpriv'd account on an Alpha/osf system here, I discovered that the process running "ps -ef" was shown as root. Please be sure to let us know what you learn. sigh. SeldenReceived on Tue May 09 1995 - 18:50:09 NZST
This archive was generated by hypermail 2.4.0 : Wed Nov 08 2023 - 11:53:45 NZDT