Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.

Bug 6338

Summary: /usr/libexec/pt_chown is not installed suid root
Product: [Retired] Red Hat Linux Reporter: edc
Component: glibcAssignee: Cristian Gafton <gafton>
Status: CLOSED RAWHIDE QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 6.1CC: udaya
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-01-04 23:57:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description edc 1999-10-25 15:34:36 UTC
/usr/libexec/pt_chown is not installed suid root and is
therefore useless.  Since pt_chown is not used by systems
using Unix98 ptys this problem is probably not noticed by
most people.  Users trying to minimize kernel memory use (or
using the default kernelconfiguration) however, will be
unable to use ptys.

Comment 1 udaya 1999-11-18 20:01:59 UTC
xterm on redhat linux 6.1 doesn't work because /usr/libexec/pt_chown is not
installed suid root. Therefore, it is important that this problem be fixed
as soon as possible.

udaya

Comment 2 Cristian Gafton 2000-01-04 23:57:59 UTC
Please enable devpts and you won't need pt_chown at all.

Anyway, the setuid bit is turned on again in the rawhide rpm for glibc

Comment 3 wingc 2000-02-02 03:41:59 UTC
Please don't enable the suid bit on pt_chown by default.

If people want to use glibc2.1 without devpts, then make a note in the
documentation.

Leaving a setuid root executable on every Red Hat system that will not be used
by 99.99% of people is a bad idea. Why risk the possibility of an exploit?