Quoting Speed (speedat_private) from Thu, Mar 04, 1999 at 08:04:49PM -0500: > It is interesting to note that the gnuplot on my system is NOT suid root > (nor have I modified the default installed settings). My version is 3.5 > patchlevel 3.50.1.17 (i.e. very old). The distribution is Slackware. > > I agree with xnec in that I can see no good reason to make it suid root. > Anyone know why this was done? Debian Linux's gnuplot README says: In order to enable ordinary users to use SVGA console graphics, gnuplot needs to be set up as setuid root. Please note that this is usually considered to be a security hazard and is not recommended unless you know what you are doing. Running it under X11 doesn't require gnuplot to be suid root. FWIW, when installing gnuplot from the Debian package, dpkg asks Currently, gnuplot is not set up as setuid root. Good. Do you want to change it? (y/n/?) [n] The ? option gives: In order to enable ordinary users to use SVGA console graphics, gnuplot needs to be set up as setuid root. Please note that this is usually considered to be a security hazard. which leads me to conclude that at least one person went "hm, that's not right". I couldn't find anything one way or another in gnuplot's documentation, though. CONSOLE GROUP, people. \Rich -- Rich Lafferty --------------------------------------------------------- IITS/Computing Services | "Oderint dum metuant." Concordia University | -- Lucius Accius (170-90 BC). richat_private -----------------------------------------[McQ]--
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:06 PDT