-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi gang, I was piddlin' around with nothing much to do, so I opened up konqueror and started to just look and read things in different directories and such, and came upon .xsession-errors in my home directory. Most of the stuff makes absolutely no sense to me, but there's a few 'plain english' things in it but don't understand what it means. For instance, I found these lines a few times: konsole_grantpty not installed root-suid konsole: chownpty failed for device /dev/ptyp0::/dev/ttyp0. : This means the session can be eavesdroped. : Make sure konsole_grantpty is installed in : /opt/kde3/bin/ and setuid root. I did a 'man setuid', and from *my* understanding of it, using setuid on things is 'Not Good'®. So what is this device, why did the chown fail, and should I (and how would/do I) make it setuid root? Thanks for any help maqking this 'clearer' to me, and for satiating my idle curiosity, heh. John - -- - -----BEGIN GEEK CODE BLOCK----- Version: 3.12 G! d- s+:++ a? C+++ UL--- P L+++ E-- W++ N+++ o K- w--- O- M- V- PS+ PE Y+ PGP++ t+ 5 X R+ tv-- b++ DI++ D+ G e h r y** - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/AdZwH5oDXyLKXKQRAopfAJ9TwOyXhiM3C5gxqKbD1ANkMLB1GACgxlLX 4GjInqoeXnxzTTFUNJ/f3HQ= =4A6K -----END PGP SIGNATURE-----
It appears that Konsole tries to establish a secure link between your hardware serial port and the pseudo serial port that Konsole uses and fails. So in theory any other users that had access to your Xwindows session could easedrop on your Konsole session. It is only a worry if you have others logged into your PC. If your is a desktop PC, not a server, you have little to worry about. Of course once the data goes out over the serial port it is open for anybody to grab that has the knowledge to do it. It looks like a bug, but I don't know if you should report it to SuSE, KDE, or both. pben On Tuesday 01 July 2003 01:43 pm, John wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi gang,
I was piddlin' around with nothing much to do, so I opened up konqueror and started to just look and read things in different directories and such, and came upon .xsession-errors in my home directory. Most of the stuff makes absolutely no sense to me, but there's a few 'plain english' things in it but don't understand what it means. For instance, I found these lines a few times:
konsole_grantpty not installed root-suid konsole: chownpty failed for device /dev/ptyp0::/dev/ttyp0.
: This means the session can be eavesdroped. : Make sure konsole_grantpty is installed in : /opt/kde3/bin/ and setuid root.
I did a 'man setuid', and from *my* understanding of it, using setuid on things is 'Not Good'®. So what is this device, why did the chown fail, and should I (and how would/do I) make it setuid root? Thanks for any help maqking this 'clearer' to me, and for satiating my idle curiosity, heh.
John - -- - -----BEGIN GEEK CODE BLOCK----- Version: 3.12 G! d- s+:++ a? C+++ UL--- P L+++ E-- W++ N+++ o K- w--- O- M- V- PS+ PE Y+ PGP++ t+ 5 X R+ tv-- b++ DI++ D+ G e h r y** - ------END GEEK CODE BLOCK------ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/AdZwH5oDXyLKXKQRAopfAJ9TwOyXhiM3C5gxqKbD1ANkMLB1GACgxlLX 4GjInqoeXnxzTTFUNJ/f3HQ= =4A6K -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 01 July 2003 14:43, Paul Benjamin wrote:
It appears that Konsole tries to establish a secure link between your hardware serial port and the pseudo serial port that Konsole uses and fails. So in theory any other users that had access to your Xwindows session could easedrop on your Konsole session. It is only a worry if you have others logged into your PC. If your is a desktop PC, not a server, you have little to worry about.
Of course once the data goes out over the serial port it is open for anybody to grab that has the knowledge to do it.
It looks like a bug, but I don't know if you should report it to SuSE, KDE, or both.
pben
Hmmm...okay, I think. lol I'll send it off to both, just to be safe. Yes, it's a desktop, with only me using it ever. Thanks for the information. John -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/AkWoH5oDXyLKXKQRAhJxAJ9W0TwCXUkWo3+Ja0q9QszNo5A3pACgh05o qHgJJtvzDYpqRwyh866esGw= =uq2o -----END PGP SIGNATURE-----
The 03.07.01 at 13:43, John wrote:
konsole_grantpty not installed root-suid konsole: chownpty failed for device /dev/ptyp0::/dev/ttyp0. : This means the session can be eavesdroped. : Make sure konsole_grantpty is installed in : /opt/kde3/bin/ and setuid root.
Well, suse made it that way on purpose, I think. Permissions are defined in /etc/permisions.*, and are set as: /etc/permissions.easy:/opt/kde3/bin/konsole_grantpty root.root 0755 /etc/permissions.paranoid:/opt/kde2/bin/konsole_grantpty root.root 0755 I don't know if it's wrong or not, only that they defined it this way.
I did a 'man setuid', and from *my* understanding of it, using setuid on things is 'Not Good'®.
Well... sometimes it is the only way. -- Cheers, Carlos Robinson
participants (3)
-
Carlos E. R.
-
John
-
Paul Benjamin