10.4: Remove the xterm pty/tty warning

May 28, '05 09:37:00AM

Contributed by: memoryhole2

Tiger only hintWhen I upgraded to 10.4, suddenly almost every time I launched an xterm window, I would get a warning that looked like this:

Warning: could not change ownership of tty -- pty is insecure!

Well no longer -- I found the culprit. It turns out that xterm invisibly runs a program called luit to do all the proper character encoding. On 10.3, I didn't use any special character encoding (though I'd twiddled with UTF-8 from time to time), or so I thought. Now that I'm in 10.4, apparently I am. Unfortunately, according to luit's man page:

On systems without SVR4 (``Unix-98'') ptys (notably BSD variants), running luit as an ordinary user will leave the tty world-writable; this is a security hole, and luit will generate a warning (but still accept to run). A possible solution is to make luit suid root; luit should drop privileges sufficiently early to make this safe. However, the startup code has not been exhaustively audited, and the author takes no responsibility for any resulting security issues.
As you may have guessed, OS X is a BSD-variant. There are two solutions:
  1. Make luit suid-root. This has the obvious drawback of creating yet another suid program on your system, and Disk Utility will "fix" it back to the way it came. But, it works.
  2. The second alternative is hinted at in the xterm man page. To wit:
    Encodings other than UTF-8 are supported by using luit.
    Translation? Tell xterm to use UTF-8 encoding, specifically. The easiest way to do that is to run uxterm instead of xterm. Back on 10.3, I had problems with vim freezing or crashing if I ran it inside a UTF-8-enabled xterm, but these problems seem to be resolved in 10.4.
[robg adds: I haven't tested this one...]

Comments (2)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20050517165140613