… | |
… | |
165 | of encodings built-in that increase download times and are rarely |
165 | of encodings built-in that increase download times and are rarely |
166 | used). |
166 | used). |
167 | |
167 | |
168 | I need to make it setuid/setgid to support utmp/ptys on my OS, is this |
168 | I need to make it setuid/setgid to support utmp/ptys on my OS, is this |
169 | safe? |
169 | safe? |
170 | Likely not. While I honestly try to make it secure, and am probably |
170 | It should be, starting with release 7.1. You are encouraged to |
171 | not bad at it, I think it is simply unreasonable to expect all of |
171 | properly install urxvt with privileges necessary for your OS now. |
172 | freetype + fontconfig + xft + xlib + perl + ... + rxvt-unicode |
172 | |
173 | itself to all be secure. Also, rxvt-unicode disables some options |
|
|
174 | when it detects that it runs setuid or setgid, which is not nice. |
173 | When rxvt-unicode detects that it runs setuid or setgid, it will |
175 | Besides, with the embedded perl interpreter the possibility for |
174 | fork into a helper process for privileged operations (pty handling |
176 | security problems easily multiplies. |
175 | on some systems, utmp/wtmp/lastlog handling on others) and drop |
|
|
176 | privileges immediately. This is much safer than most other terminals |
|
|
177 | that keep privileges while running (but is more relevant to urxvt, |
|
|
178 | as it contains things as perl interpreters, which might be "helpful" |
|
|
179 | to attackers). |
177 | |
180 | |
178 | Elevated privileges are only required for utmp and pty operations on |
181 | This forking is done as the very first within main(), which is very |
179 | some systems (for example, GNU/Linux doesn't need any extra |
182 | early and reduces possible bugs to initialisation code run before |
180 | privileges for ptys, but some need it for utmp support). It is |
183 | main(), or things like the dynamic loader of your system, which |
181 | planned to mvoe this into a forked handler process, but this is not |
184 | should result in very little risk. |
182 | yet done. |
|
|
183 | |
|
|
184 | So, while setuid/setgid operation is supported and not a problem on |
|
|
185 | your typical single-user-no-other-logins unix desktop, always |
|
|
186 | remember that its an awful lot of code, most of which isn't checked |
|
|
187 | for security issues regularly. |
|
|
188 | |
185 | |
189 | When I log-in to another system it tells me about missing terminfo data? |
186 | When I log-in to another system it tells me about missing terminfo data? |
190 | The terminal description used by rxvt-unicode is not as widely |
187 | The terminal description used by rxvt-unicode is not as widely |
191 | available as that for xterm, or even rxvt (for which the same |
188 | available as that for xterm, or even rxvt (for which the same |
192 | problem often arises). |
189 | problem often arises). |
… | |
… | |
580 | |
577 | |
581 | My input method wants <some encoding> but I want UTF-8, what can I do? |
578 | My input method wants <some encoding> but I want UTF-8, what can I do? |
582 | You can specify separate locales for the input method and the rest |
579 | You can specify separate locales for the input method and the rest |
583 | of the terminal, using the resource "imlocale": |
580 | of the terminal, using the resource "imlocale": |
584 | |
581 | |
585 | URxvt*imlocale: ja_JP.EUC-JP |
582 | URxvt.imlocale: ja_JP.EUC-JP |
586 | |
583 | |
587 | Now you can start your terminal with "LC_CTYPE=ja_JP.UTF-8" and |
584 | Now you can start your terminal with "LC_CTYPE=ja_JP.UTF-8" and |
588 | still use your input method. Please note, however, that you will not |
585 | still use your input method. Please note, however, that you will not |
589 | be able to input characters outside "EUC-JP" in a normal way then, |
586 | be able to input characters outside "EUC-JP" in a normal way then, |
590 | as your input method limits you. |
587 | as your input method limits you. |