The LTSP 4.2 distribution includes 3 setuid files, namely i386/libexec/ssh-keysign i386/sbin/unix_chkpwd i386/usr/X11R6/bin/Xorg These files reside on the server and create a potential security hazard, because if one of these programs contains a bug then a user may be able to get root privilege on the server. This is a greater worry than for other setuid programs because we cannot rely on the automatic update system provided by SuSE and other suppliers. I have a strong suspicion that at least some of these programs do not need setuid privilege, and so the danger could be removed with no loss of functionality. For example: (1) Xorg only needs to be setuid root on systems where an unprivileged user needs to start the X server. (2) ssh-keysign only needs privilege if unprivileged users need to run ssh clients with hostbased trusting. (3) unix_chkpwd only needs provilege if the client needs to check passwords on the local machine. I suggest that these programs are distributed without setuid privilege, and if you are certain that some configurations require it then make the configuration process grant privilege when it is needed. Bob
Bob Do you still experience this issue with newer drivers ? Please check the status of your issue.
Sorry, we do not run LTSP any more so I am not in a position to test
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.