Please don't apply.
IT> It seems xc/programs/luit/sys.c in XFree86 4.3.0 contains a off-by-one
IT> bug. A patch (sys.c.patch) to fix this is attached.
This is correct. Thanks, I've forwarded it to the patchers.
IT> - Make luit use openpty to search an unused pty. Without this patch,
IT> luit aborts after opening ten or so xterms.
Could you explain why this happens? allocatePty in sys.c searches
through 256 ptys.
I strongly dislike the openpty interface, which I feel is badly
designed. Indeed, your patch causes luit to open the slave side in the
parent, which feel wrong.
Your patch also breaks support for systems with SVR4 ptys. This
cannot go in.
IT> - Allow one to setuid luit.
This one is incorrect; it is a serious security hole, not only on
FreeBSD but on all systems that have saved-ids that don't respect the
Posix semantics.
Luit will check for Posix saved IDs, and refuse to run if it's setuid
on systems that have the (broken) 4.3BSD saved-ids semantics. Your
patch merely removes this check.
OpenBSD have done the reasonable thing, and abandoned the 4.3BSD
saved-ids semantics in favour of the Posix one. FreeBSD haven't,
however, and making luit setuid safely under FreeBSD would require
using BSD-specific interfaces. This is *not* what you have done.
Juliusz
_______________________________________________
Devel mailing list
[EMAIL PROTECTED]
http://XFree86.Org/mailman/listinfo/devel
