This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] Update pt_chown sections of the manual
- From: Siddhesh Poyarekar <siddhesh dot poyarekar at gmail dot com>
- To: Allan McRae <allan at archlinux dot org>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Date: Tue, 20 Aug 2013 19:16:25 +0530
- Subject: Re: [PATCH] Update pt_chown sections of the manual
- References: <1377001116-9013-1-git-send-email-allan at archlinux dot org>
On 20 August 2013 17:48, Allan McRae <allan@archlinux.org> wrote:
> The pt-chown binary is discussed in the "Running make install" section
> without clarification of the needed configure option. Clarify this
> and simplfy the discription which is already covered in the "Configuring
> and compiling" section. Move details of the source location to below
> the discussion of the security risk imposed by pt-chown.
> ---
>
> 2013-08-20 Allan McRae <allan@archlinux.org>
>
> [BZ #15849]
> * manual/install.text (Running make install): Mention
> --enable-pt-chown. Move source details...
> (Configuring and compiling): ...here.
>
>
> manual/install.texi | 16 +++++++---------
> 1 file changed, 7 insertions(+), 9 deletions(-)
>
> diff --git a/manual/install.texi b/manual/install.texi
> index 4575d22..b5d41a7 100644
> --- a/manual/install.texi
> +++ b/manual/install.texi
> @@ -175,7 +175,8 @@ pseudo-terminal ownership automatically. By using
> @samp{--enable-pt_chown}, you may build @file{pt_chown} and install it
> setuid and owned by @code{root}. The use of @file{pt_chown} introduces
> additional security risks to the system and you should enable it only if
> -you understand and accept those risks.
> +you understand and accept those risks. The source for @file{pt_chown}
> +is in @file{login/programs/pt_chown.c}.
Why is this needed? I don't think we include references to internals
source code anywhere in the manual.
> @item --build=@var{build-system}
> @itemx --host=@var{host-system}
> @@ -325,14 +326,11 @@ can dramatically improve performance with NIS+, and may help with DNS as
> well.
>
> One auxiliary program, @file{/usr/libexec/pt_chown}, is installed setuid
> -@code{root}. This program is invoked by the @code{grantpt} function; it
> -sets the permissions on a pseudoterminal so it can be used by the
> -calling process. This means programs like @code{xterm} and
> -@code{screen} do not have to be setuid to get a pty. (There may be
> -other reasons why they need privileges.) If you are using a
> -Linux kernel with the @code{devptsfs} or @code{devfs} filesystems
> -providing pty slaves, you don't need this program; otherwise you do.
> -The source for @file{pt_chown} is in @file{login/programs/pt_chown.c}.
> +@code{root} if the @samp{--enable-pt_chown} configuration option is used.
> +This program is invoked by the @code{grantpt} function; it sets the
> +permissions on a pseudoterminal so it can be used by the calling process.
> +If you are using a Linux kernel with the @code{devpts} filesystem enabled
> +and mounted at @file{/dev/pts}, you don't need this program.
>
> After installation you might want to configure the timezone and locale
> installation of your system. @Theglibc{} comes with a locale
> --
> 1.8.3.4
>
--
http://siddhesh.in