-- Leo's gemini proxy
-- Connecting to git.thebackupbox.net:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini
repo: rxvt-unicode-sixel action: commit revision: path_from: revision_from: c182a0c0091fa9f96dba83b74771502b3eccaeea: path_to: revision_to:
commit c182a0c0091fa9f96dba83b74771502b3eccaeea Author: Marc Lehmann <schmorp@schmorp.de> Date: Mon Jan 9 01:54:43 2006 +0000 *** empty log message *** diff --git a/Changes b/Changes
--- a/Changes +++ b/Changes @@ -9,6 +9,8 @@ WISH: OnTheSpot editing, or maybe switch to miiiiiiif WISH: just for fun, do shade and tint with XRender. WISH: support tex fonts + - added sections for DISTRIBUTION MAINTAINERS and about + SETUID/SETGID operation tot he FAQ. - selection, selection-popup and option-popup extensions enabled by default. - perl: much increased functionality, better overlays, popup support diff --git a/README.FAQ b/README.FAQ
--- a/README.FAQ +++ b/README.FAQ @@ -103,6 +103,47 @@ FREQUENTLY ASKED QUESTIONS also a bug in the Debian version and it serves as a reminder for other users that might encounter the same issue. + I am maintaining rxvt-unicode for distribution/OS XXX, any + recommendation? + You should build one binary with the default options. configure now + enables most useful options, and the trend goes to making them + runtime-switchable, too, so there is usually no drawback to enbaling + them, except higher disk and possibly memory usage. The perl + interpreter should be enabled, as important functionality (menus, + selection, likely more in the future) depends on it. + + You should not overwrite the "perl-ext-common" snd "perl-ext" + resources system-wide (except maybe with "defaults"). This will + result in useful behaviour. If your distribution aims at low memory, + add an empty "perl-ext-common" resource to the app-defaults file. + This will keep the perl interpreter disabled until the user enables + it. + + If you can/want build more binaries, I recommend building a minimal + one with "--disable-everything" (very useful) and a maximal one with + "--enable-everything" (less useful, it will be very big due to a lot + of encodings built-in that increase download times and are rarely + used). + + I need to make it setuid/setgid to support utmp/ptys on my OS, is this + safe? + Likely not. While I honestly try to make it secure, and am probably + not bad at it, I think it is simply unreasonable to expect all of + freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to + all be secure. Also, rxvt-unicode disables some options when it + detects that it runs setuid or setgid, which is not nice. + + Elevated privileges are only required for utmp and pty operations on + some systems (for example, GNU/Linux doesn't need any extra + privileges for ptys, but some need it for utmp support). If + rxvt-unicode doesn't support the library/setuid helper that your OS + needs I'll be happy to assist you in implementing support for it. + + So, while setuid/setgid operation is supported and not a problem on + your typical single-user-no-other-logins unix desktop, always + remember that its an awful lot of code, most of which isn't checked + for security issues regularly. + When I log-in to another system it tells me about missing terminfo data? The terminal description used by rxvt-unicode is not as widely available as that for xterm, or even rxvt (for which the same diff --git a/doc/rxvt.7.html b/doc/rxvt.7.html
--- a/doc/rxvt.7.html +++ b/doc/rxvt.7.html @@ -210,6 +210,53 @@ bug in the Debian version and it serves as a reminder for other users that might encounter the same issue.</p> </dd> <p></p> +<dt><strong><a name="item_i_am_maintaining_rxvt_2dunicode_for_distribution_2">I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation?</a></strong><br /> +</dt> +<dd> +You should build one binary with the default options. <em>configure</em> +now enables most useful options, and the trend goes to making them +runtime-switchable, too, so there is usually no drawback to enbaling them, +except higher disk and possibly memory usage. The perl interpreter should +be enabled, as important functionality (menus, selection, likely more in +the future) depends on it. +</dd> +<dd> +<p>You should not overwrite the <code>perl-ext-common</code> snd <code>perl-ext</code> resources +system-wide (except maybe with <code>defaults</code>). This will result in useful +behaviour. If your distribution aims at low memory, add an empty +<code>perl-ext-common</code> resource to the app-defaults file. This will keep the +perl interpreter disabled until the user enables it.</p> +</dd> +<dd> +<p>If you can/want build more binaries, I recommend building a minimal +one with <code>--disable-everything</code> (very useful) and a maximal one with +<a href="#item__2d_2denable_2deverything"><code>--enable-everything</code></a> (less useful, it will be very big due to a lot of +encodings built-in that increase download times and are rarely used).</p> +</dd> +<p></p> +<dt><strong><a name="item_i_need_to_make_it_setuid_2fsetgid_to_support_utmp_">I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?</a></strong><br /> +</dt> +<dd> +Likely not. While I honestly try to make it secure, and am probably +not bad at it, I think it is simply unreasonable to expect all of +freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be +secure. Also, rxvt-unicode disables some options when it detects that it +runs setuid or setgid, which is not nice. +</dd> +<dd> +<p>Elevated privileges are only required for utmp and pty operations on some +systems (for example, GNU/Linux doesn't need any extra privileges for +ptys, but some need it for utmp support). If rxvt-unicode doesn't support +the library/setuid helper that your OS needs I'll be happy to assist you +in implementing support for it.</p> +</dd> +<dd> +<p>So, while setuid/setgid operation is supported and not a problem on your +typical single-user-no-other-logins unix desktop, always remember that +its an awful lot of code, most of which isn't checked for security issues +regularly.</p> +</dd> +<p></p> <dt><strong><a name="item_when_i_log_2din_to_another_system_it_tells_me_abou">When I log-in to another system it tells me about missing terminfo data?</a></strong><br /> </dt> <dd> diff --git a/doc/rxvt.7.man.in b/doc/rxvt.7.man.in
--- a/doc/rxvt.7.man.in +++ b/doc/rxvt.7.man.in @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "rxvt 7" -.TH rxvt 7 "2006-01-07" "6.3" "RXVT-UNICODE" +.TH rxvt 7 "2006-01-09" "6.3" "RXVT-UNICODE" .SH "NAME" RXVT REFERENCE \- FAQ, command sequences and other background information .SH "SYNOPSIS" @@ -269,6 +269,43 @@ For other problems that also affect the Debian package, you can and probably should use the Debian \s-1BTS\s0, too, because, after all, it's also a bug in the Debian version and it serves as a reminder for other users that might encounter the same issue. +.IP "I am maintaining rxvt-unicode for distribution/OS \s-1XXX\s0, any recommendation?" 4 +.IX Item "I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation?" +You should build one binary with the default options. \fIconfigure\fR +now enables most useful options, and the trend goes to making them +runtime\-switchable, too, so there is usually no drawback to enbaling them, +except higher disk and possibly memory usage. The perl interpreter should +be enabled, as important functionality (menus, selection, likely more in +the future) depends on it. +.Sp +You should not overwrite the \f(CW\*(C`perl\-ext\-common\*(C'\fR snd \f(CW\*(C`perl\-ext\*(C'\fR resources +system-wide (except maybe with \f(CW\*(C`defaults\*(C'\fR). This will result in useful +behaviour. If your distribution aims at low memory, add an empty +\&\f(CW\*(C`perl\-ext\-common\*(C'\fR resource to the app-defaults file. This will keep the +perl interpreter disabled until the user enables it. +.Sp +If you can/want build more binaries, I recommend building a minimal +one with \f(CW\*(C`\-\-disable\-everything\*(C'\fR (very useful) and a maximal one with +\&\f(CW\*(C`\-\-enable\-everything\*(C'\fR (less useful, it will be very big due to a lot of +encodings built-in that increase download times and are rarely used). +.IP "I need to make it setuid/setgid to support utmp/ptys on my \s-1OS\s0, is this safe?" 4 +.IX Item "I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?" +Likely not. While I honestly try to make it secure, and am probably +not bad at it, I think it is simply unreasonable to expect all of +freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be +secure. Also, rxvt-unicode disables some options when it detects that it +runs setuid or setgid, which is not nice. +.Sp +Elevated privileges are only required for utmp and pty operations on some +systems (for example, GNU/Linux doesn't need any extra privileges for +ptys, but some need it for utmp support). If rxvt-unicode doesn't support +the library/setuid helper that your \s-1OS\s0 needs I'll be happy to assist you +in implementing support for it. +.Sp +So, while setuid/setgid operation is supported and not a problem on your +typical single-user-no-other-logins unix desktop, always remember that +its an awful lot of code, most of which isn't checked for security issues +regularly. .IP "When I log-in to another system it tells me about missing terminfo data?" 4 .IX Item "When I log-in to another system it tells me about missing terminfo data?" The terminal description used by rxvt-unicode is not as widely available diff --git a/doc/rxvt.7.pod b/doc/rxvt.7.pod
--- a/doc/rxvt.7.pod +++ b/doc/rxvt.7.pod @@ -134,6 +134,45 @@ probably should use the Debian BTS, too, because, after all, it's also a bug in the Debian version and it serves as a reminder for other users that might encounter the same issue. +=item I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation? + +You should build one binary with the default options. F<configure> +now enables most useful options, and the trend goes to making them +runtime-switchable, too, so there is usually no drawback to enbaling them, +except higher disk and possibly memory usage. The perl interpreter should +be enabled, as important functionality (menus, selection, likely more in +the future) depends on it. + +You should not overwrite the C<perl-ext-common> snd C<perl-ext> resources +system-wide (except maybe with C<defaults>). This will result in useful +behaviour. If your distribution aims at low memory, add an empty +C<perl-ext-common> resource to the app-defaults file. This will keep the +perl interpreter disabled until the user enables it. + +If you can/want build more binaries, I recommend building a minimal +one with C<--disable-everything> (very useful) and a maximal one with +C<--enable-everything> (less useful, it will be very big due to a lot of +encodings built-in that increase download times and are rarely used). + +=item I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe? + +Likely not. While I honestly try to make it secure, and am probably +not bad at it, I think it is simply unreasonable to expect all of +freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be +secure. Also, rxvt-unicode disables some options when it detects that it +runs setuid or setgid, which is not nice. + +Elevated privileges are only required for utmp and pty operations on some +systems (for example, GNU/Linux doesn't need any extra privileges for +ptys, but some need it for utmp support). If rxvt-unicode doesn't support +the library/setuid helper that your OS needs I'll be happy to assist you +in implementing support for it. + +So, while setuid/setgid operation is supported and not a problem on your +typical single-user-no-other-logins unix desktop, always remember that +its an awful lot of code, most of which isn't checked for security issues +regularly. + =item When I log-in to another system it tells me about missing terminfo data? The terminal description used by rxvt-unicode is not as widely available diff --git a/doc/rxvt.7.txt b/doc/rxvt.7.txt
--- a/doc/rxvt.7.txt +++ b/doc/rxvt.7.txt @@ -124,6 +124,47 @@ FREQUENTLY ASKED QUESTIONS also a bug in the Debian version and it serves as a reminder for other users that might encounter the same issue. + I am maintaining rxvt-unicode for distribution/OS XXX, any + recommendation? + You should build one binary with the default options. configure now + enables most useful options, and the trend goes to making them + runtime-switchable, too, so there is usually no drawback to enbaling + them, except higher disk and possibly memory usage. The perl + interpreter should be enabled, as important functionality (menus, + selection, likely more in the future) depends on it. + + You should not overwrite the "perl-ext-common" snd "perl-ext" + resources system-wide (except maybe with "defaults"). This will + result in useful behaviour. If your distribution aims at low memory, + add an empty "perl-ext-common" resource to the app-defaults file. + This will keep the perl interpreter disabled until the user enables + it. + + If you can/want build more binaries, I recommend building a minimal + one with "--disable-everything" (very useful) and a maximal one with + "--enable-everything" (less useful, it will be very big due to a lot + of encodings built-in that increase download times and are rarely + used). + + I need to make it setuid/setgid to support utmp/ptys on my OS, is this + safe? + Likely not. While I honestly try to make it secure, and am probably + not bad at it, I think it is simply unreasonable to expect all of + freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to + all be secure. Also, rxvt-unicode disables some options when it + detects that it runs setuid or setgid, which is not nice. + + Elevated privileges are only required for utmp and pty operations on + some systems (for example, GNU/Linux doesn't need any extra + privileges for ptys, but some need it for utmp support). If + rxvt-unicode doesn't support the library/setuid helper that your OS + needs I'll be happy to assist you in implementing support for it. + + So, while setuid/setgid operation is supported and not a problem on + your typical single-user-no-other-logins unix desktop, always + remember that its an awful lot of code, most of which isn't checked + for security issues regularly. + When I log-in to another system it tells me about missing terminfo data? The terminal description used by rxvt-unicode is not as widely available as that for xterm, or even rxvt (for which the same
-----END OF PAGE-----
-- Response ended
-- Page fetched on Sun Jun 2 13:31:44 2024