[fpc-devel] Linux kernel behaviour change regarding keyboard
Christian Iversen
chrivers at iversen-net.dk
Wed Jul 18 19:38:01 CEST 2007
Michael Van Canneyt wrote:
>
> On Wed, 18 Jul 2007, Marco van de Voort wrote:
>
>>> On 18 Jul 2007, at 14:08, Jonas Maebe wrote:
>>>
>>>>> Install the IDE setuid.
>>>> That would be an extremely bad idea with the current stability
>>>> record of the IDE.
>>> Not to mention that it allows you to open and overwrite any arbitrary
>>> file.
>> Yes. Just like we all have for decades. And no, it is not ideal, but
>> apparantly that is what the kernel devels want as the only way to access the
>> full terminal capability.
>
> You cannot distribute a tool which creates a security hole as large as from
> here till Tokio. That would not look good the day it is discovered, and
> arguments like "the kernel forcing us to do so" will not help us then.
>
> It just means you'll have less functionality.
> How does midnight commander solve it? As far as I know, it also
> has strange keyboard combinations ?
Sorry for joining the discussion so late, but what special key combos
are we talking about? And what changed in the kernel?
I agree that it does sound absurd to require root privs - and of course
it goes without saying that the IDE _cannot_ under any circumstance be
distributed to run as +s, it just cannnot happen, period.
These privileges that we are talking about, are they transferrable
between processes? In that case, we could write a small setuid wrapper
to setup the terminal, then exec the IDE without privs.
Under any circumstance, if there really isn't any New And Improved way
to do this sans root, we should bring it up on the kernel mailing list.
I can do that, if need be - I'm always quite interested in security matters.
--
Regards,
Christian Iversen
More information about the fpc-devel
mailing list