BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

I don't like KDE!

Subject: I don't like KDE!
From: krose at theory.lcs.mit.edu (Kyle Rose)
Date: 12 Jul 1999 14:05:20 -0400
In-reply-to: Christoph Doerbeck A242369's message of "Mon, 12 Jul 1999 12:42:38 -0400"
References: <199907121644.MAA06124@cso.fmr.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> My question are:
> What part of KDE does this?
> How do I disable it?
> Does GNOME work the same way?
> 
> My personal opinion, this technique of changing access at login
> stinks!

I know next to nothing about KDE, but I do know why these things are
changed: it avoids the necessity of having setuid programs to access
the devices, and as we all know, setuid programs are potential
security risks.

Most people who run X as their normal environment solve this problem
by running a display manager (such as xdm or gdm) and making the
presession script set the ownership of the various devices to the user
logging in.  This has the advantage of giving you a pleasant looking
login (well, at least in the case of gdm; the xdm login widget is
hideous) as well as setting ownership properly, while avoiding the use
of "trusted" setuid programs.

There are several ways around this if you want to be able to access
those devices in the same way when using a regular tty login.  The
simplest is to create a setuid script that sets the appropriate
ownerships when the person is logging in from the first virtual
terminal.  E.g.,

#!/bin/sh

if [ `/usr/bin/tty` == tty1 ]; then
        /bin/chown $USER /dev/dsp /dev/audio /dev/tty1 /dev/cdrom
fi

and make this run from /etc/profile or /etc/zlogin or whatever the
login script is for your shell.  Note that all the executables in the
above script are listed with complete paths: this is important for any 
setuid scripts.

Kyle


- -- 
Kyle R. Rose                      "They can try to bind our arms,
Laboratory for Computer Science    But they cannot chain our minds
MIT NE43-309, 617-253-5883             or hearts..."
http://web.mit.edu/krr/www/                           Stratovarius
krose at theory.lcs.mit.edu                              Forever Free
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v0.9.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE3ii5f66jzSko6g9wRAtOaAJ9P1ViXr9Z5GB+lsnKWvhjSra/M9QCg5JwO
r+XeLwau4eLyt74KUyuPYyQ=
=MD22
-----END PGP SIGNATURE-----
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).

References:
- I don't like KDE!
  - From: cdoerbec at cso.fmr.com (Christoph Doerbeck A242369)

Prev by Date: linux funk
Next by Date: Thread on window managers
Previous by thread: I don't like KDE!
Next by thread: I don't like KDE!
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org