Bugtraq mailing list archives
Re: Linux /usr/bin/gnuplot overflow
From: schaefer () ALPHANET CH (Marc SCHAEFER)
Date: Sat, 6 Mar 1999 09:41:36 +0100
/etc/rc.config and set PERMISSION_SECURITY="paranoid". That way gnuplot
warning, warning. permissions.paranoid is not supported by SuSE --- it was contributed by me. It only fixes the problems that SuSE 5.0 had. When I have some time again, I will do the same work with a full install of SuSE 6.0. At least without clear information from SuSE that /etc/permissions.paranoid is uptodate, I would not count on it to be _absolutely_ paranoid. After all, you are supposed to do your homeworks yourself, too :) Also, for it to work, it needs a few things, such as an ``xok'' group, etc, look at the start of that file.
root@laser:/home/andrea# grep gnuplot /etc/permissions.paranoid # WHY ON HELL was gnuplot suid root !!!!! /usr/bin/gnuplot root.root 755
I remember my very clean statements about this problem :) The ``reason'', as someone pointed out, is the SVGALib. For me that's a very bad reason to suid --- by default --- an executable.
Current thread:
- Re: Linux /usr/bin/gnuplot overflow Speed (Mar 04)
- Re: Linux /usr/bin/gnuplot overflow Rich Lafferty (Mar 05)
- <Possible follow-ups>
- Re: Linux /usr/bin/gnuplot overflow Marc SCHAEFER (Mar 06)
- Re: Linux /usr/bin/gnuplot overflow Marc Heuse (Mar 06)
- Re: Linux /usr/bin/gnuplot overflow Marc Heuse (Mar 08)