First, let me say that this list is amazing ! I think we should take
the money we pay to Digital for support and divide it among the people
on this list :-).
Anyway, I wrote:
>> I have no idea what I did - in fact I can't remember doing
>> anything that could be related, but - all of a sudden my
>> dxterms are being created with the wrong uid ! Instead of the
>> uid of aharon, they are being create with the uid of bin ! This
>> appears to happen with any application I start from the window
>> manager - I checked dxterm, and xterm. It also seems to happen
>> to all users (I checked two). This has stumped Digital as well
>> as me.
The problem was with the ownership of a few executables. I verified
the ownership of all files in /usr/bin/X11 with another system, and
now everthing is just fine.
Thanks to:
Dale Cook <cdm_at_hyperk.com>
Henry A Flogel <hflogel_at_wpl.com>
Anthony D'Atri <aad_at_nwnet.net>
Serge Munhoven <munhoven_at_olive.msm.ulg.ac.be>
Mike Iglesias <iglesias_at_draco.acs.uci.edu>
anthony baxter <anthony.baxter_at_aaii.oz.au>
>>>>> "Dale" == Dale Cook <cdm_at_hyperk.com> writes:
Dale> Are the permissions set right for the executables?
Dale> -rwsr-xr-x 1 root bin 270336 Feb 2 1995 /usr/bin/X11/dxterm
Dale> -rwsr-xr-x 1 root bin 221184 Feb 2 1995 /usr/bin/X11/xterm
Dale> -rwxr-xr-x 1 bin bin 229376 Feb 2 1995
Dale> /usr/bin/X11/dxsession
Dale> (Note the setuid bit is on for the (d)xterm.)
>>>>> "Dale" == Dale Cook <cdm_at_hyperk.com> writes:
Dale> At 06:13 PM 6/27/96 +0300, Aharon Schkolnik wrote:
>> well, I have bin bin instead of root bin for dxterm, and
>> xterm. could that be significant ?
Dale> It would be on my system - bin is uid 3, while root is uid
Dale> 0. Basically, xterm needs to be able to run as root so it
Dale> can change ownership of the pty devices and then run as the
Dale> user. I would try changing ownership to root and see if
Dale> that helps. What have you got to lose? :-)
>>>>> "Henry" == Henry A Flogel <hflogel_at_wpl.com> writes:
Henry> I would bet that your "dxterm" and "xterm" executables in
Henry> /usr/bin/X11 are owned by the user "bin" and are SUID
Henry> programs, they are if the programs' permissions are
Henry> -rwsr-xr-x
>>>>> "Henry" == Henry A Flogel <hflogel_at_wpl.com> writes:
Henry> The commands: "chmod u-s /usr/i18n/usr/bin/X11/dxterm"
Henry> "chmod u-s /usr/bin/X11/xterm" will make the processes run
Henry> as the invoking user rather than the owner of the file; in
Henry> your case it would be "aharon".
Henry> I do not know the ramifications of removing the SUID status
Henry> of the programs (other than making your host more secure).
>>>>> "Anthony" == Anthony D'Atri <aad_at_nwnet.net> writes:
Anthony> dxterm may well be setuid, and it's possible that someone
Anthony> changed the user from root to bin, which would have this
Anthony> sort of effect. Look at the permissions on the binary,
Anthony> and chown it to root if it's owned by bin.
>>>>> "Serge" == Serge Munhoven <munhoven_at_olive.msm.ulg.ac.be> writes:
Serge> Just a vague one:
Serge> Does this happen if you start your dxterm :
Serge> - from the Applications menu (I guess so)
Serge> - from the command line (well I guess that that command
Serge> line belongs to an dxterm belongs to the wrong uid ...; try
Serge> the next one first)
Serge> - from the command line of a text terminal (vt100 or a
Serge> like, or telnet session from anywhere) using "dxterm -ls
Serge> -display your.display.ip:0.0 &"
Serge> What about other applications (Bookreader et al.) ?
Serge> What about the uid of dxsession (that's the one I'm aiming
Serge> at ... :-) ?
>>>>> "Mike" == Mike Iglesias <iglesias_at_draco.acs.uci.edu> writes:
Mike> dxterm should be setuid root. Sounds like someone changed
Mike> the owner of dxterm to bin. Here's what mine looks like:
Mike> -rwsr-xr-x 1 root bin 688128 Jul 25 1995
Mike> /usr/bin/X11/dxterm*
>>>>> "anthony" == anthony baxter <anthony.baxter_at_aaii.oz.au> writes:
anthony> It's not something like xterm now being setuid bin rather
anthony> than setuid root, is it?
--
The day is short, and the work is great, | Aharon Schkolnik
and the laborers are lazy, and the reward | Aharon_at_Matat.Health.Gov.IL
is great, and the Master of the house is |
impatient. - Ethics Of The Fathers Ch. 2 |
Received on Sun Jul 07 1996 - 14:04:48 NZST