I recently upgraded from 2.1 to 3.2 and found that /dev/xcons has gone away.
It appears to be replaced by the "xconsole" (or "dxconsole") program.
Unfortunately this program will only work if I run it as "root". This is
despite the fact that it is a setuid-root program!
Digital tell me it's a feature, and that it is supposed to be set up as part
of the session startup which is running as root anyway. But we use vanilla xdm
and take the view that it is up to the users to decide what desktop furniture
they want.
Naturally I wonder whether Digital knows what it is doing here. A setuid-root
program which refuses to work if not invoked by root strikes me as inherently
silly. If they really intend it to be run only as root, the setuid bit is
superfluous, and moves yet another program inside the security perimeter.
Can anybody offer any workarounds to the problem? As system administrator I
can run the program as root anyway, but most of my users can not, so I need to
find an unprivileged solution.
The best I can think of is a setuid-root wrapper program which sets the real
uid to 0 and then invokes xconsole. Can anybody suggest any better solution?
Martyn Johnson maj_at_cl.cam.ac.uk
University of Cambridge Computer Lab
Cambridge UK
Received on Tue Jul 11 1995 - 21:00:13 NZST