This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Update pt_chown sections of the manual
- From: Allan McRae <allan at archlinux dot org>
- To: Siddhesh Poyarekar <siddhesh dot poyarekar at gmail dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Date: Tue, 20 Aug 2013 23:50:34 +1000
- Subject: Re: [PATCH] Update pt_chown sections of the manual
- References: <1377001116-9013-1-git-send-email-allan at archlinux dot org> <CAAHN_R1Cjxy3dCkpA5gNMf3xQ5Mhgy7MGUZ4o=tEEGbt0KJE9g at mail dot gmail dot com>
On 20/08/13 23:46, Siddhesh Poyarekar wrote:
> On 20 August 2013 17:48, Allan McRae <allan@archlinux.org> wrote:
>> The pt-chown binary is discussed in the "Running make install" section
>> without clarification of the needed configure option. Clarify this
>> and simplfy the discription which is already covered in the "Configuring
>> and compiling" section. Move details of the source location to below
>> the discussion of the security risk imposed by pt-chown.
>> ---
>>
>> 2013-08-20 Allan McRae <allan@archlinux.org>
>>
>> [BZ #15849]
>> * manual/install.text (Running make install): Mention
>> --enable-pt-chown. Move source details...
>> (Configuring and compiling): ...here.
>>
>>
>> manual/install.texi | 16 +++++++---------
>> 1 file changed, 7 insertions(+), 9 deletions(-)
>>
>> diff --git a/manual/install.texi b/manual/install.texi
>> index 4575d22..b5d41a7 100644
>> --- a/manual/install.texi
>> +++ b/manual/install.texi
>> @@ -175,7 +175,8 @@ pseudo-terminal ownership automatically. By using
>> @samp{--enable-pt_chown}, you may build @file{pt_chown} and install it
>> setuid and owned by @code{root}. The use of @file{pt_chown} introduces
>> additional security risks to the system and you should enable it only if
>> -you understand and accept those risks.
>> +you understand and accept those risks. The source for @file{pt_chown}
>> +is in @file{login/programs/pt_chown.c}.
>
> Why is this needed? I don't think we include references to internals
> source code anywhere in the manual.
I am quite happy to remove it. It has just been moved up from lower in
the info page, where it was even less relevant. I had kept it assuming
there must be a reason...
>> @item --build=@var{build-system}
>> @itemx --host=@var{host-system}
>> @@ -325,14 +326,11 @@ can dramatically improve performance with NIS+, and may help with DNS as
>> well.
>>
>> One auxiliary program, @file{/usr/libexec/pt_chown}, is installed setuid
>> -@code{root}. This program is invoked by the @code{grantpt} function; it
>> -sets the permissions on a pseudoterminal so it can be used by the
>> -calling process. This means programs like @code{xterm} and
>> -@code{screen} do not have to be setuid to get a pty. (There may be
>> -other reasons why they need privileges.) If you are using a
>> -Linux kernel with the @code{devptsfs} or @code{devfs} filesystems
>> -providing pty slaves, you don't need this program; otherwise you do.
>> -The source for @file{pt_chown} is in @file{login/programs/pt_chown.c}.
>> +@code{root} if the @samp{--enable-pt_chown} configuration option is used.
>> +This program is invoked by the @code{grantpt} function; it sets the
>> +permissions on a pseudoterminal so it can be used by the calling process.
>> +If you are using a Linux kernel with the @code{devpts} filesystem enabled
>> +and mounted at @file{/dev/pts}, you don't need this program.
>>
>> After installation you might want to configure the timezone and locale
>> installation of your system. @Theglibc{} comes with a locale
>> --
>> 1.8.3.4
>>
>
>
>