--- rxvt-unicode/doc/rxvt.7.man.in 2006/01/16 14:48:39 1.46 +++ rxvt-unicode/doc/rxvt.7.man.in 2006/01/19 19:26:31 1.50 @@ -129,7 +129,7 @@ .\" ======================================================================== .\" .IX Title "rxvt 7" -.TH rxvt 7 "2006-01-16" "7.0" "RXVT-UNICODE" +.TH rxvt 7 "2006-01-19" "7.1" "RXVT-UNICODE" .SH "NAME" RXVT REFERENCE \- FAQ, command sequences and other background information .SH "SYNOPSIS" @@ -301,13 +301,13 @@ .IP "I am using Debian GNU/Linux and have a problem..." 4 .IX Item "I am using Debian GNU/Linux and have a problem..." The Debian GNU/Linux package of rxvt-unicode in sarge contains large -patches that considerably change the behaviour of rxvt\-unicode. Before -reporting a bug to the original rxvt-unicode author please download and -install the genuine version () -and try to reproduce the problem. If you cannot, chances are that the -problems are specific to Debian GNU/Linux, in which case it should be -reported via the Debian Bug Tracking System (use \f(CW\*(C`reportbug\*(C'\fR to report -the bug). +patches that considerably change the behaviour of rxvt-unicode (but +unfortunately this notice has been removed). Before reporting a bug to +the original rxvt-unicode author please download and install the genuine +version () and try to reproduce +the problem. If you cannot, chances are that the problems are specific to +Debian GNU/Linux, in which case it should be reported via the Debian Bug +Tracking System (use \f(CW\*(C`reportbug\*(C'\fR to report the bug). .Sp For other problems that also affect the Debian package, you can and probably should use the Debian \s-1BTS\s0, too, because, after all, it's also a @@ -334,22 +334,20 @@ encodings built-in that increase download times and are rarely used). .IP "I need to make it setuid/setgid to support utmp/ptys on my \s-1OS\s0, is this safe?" 4 .IX Item "I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?" -Likely not. While I honestly try to make it secure, and am probably not -bad at it, I think it is simply unreasonable to expect all of freetype -+ fontconfig + xft + xlib + perl + ... + rxvt-unicode itself to all be -secure. Also, rxvt-unicode disables some options when it detects that it -runs setuid or setgid, which is not nice. Besides, with the embedded perl -interpreter the possibility for security problems easily multiplies. -.Sp -Elevated privileges are only required for utmp and pty operations on some -systems (for example, GNU/Linux doesn't need any extra privileges for -ptys, but some need it for utmp support). It is planned to mvoe this into -a forked handler process, but this is not yet done. -.Sp -So, while setuid/setgid operation is supported and not a problem on your -typical single-user-no-other-logins unix desktop, always remember that -its an awful lot of code, most of which isn't checked for security issues -regularly. +It should be, starting with release 7.1. You are encouraged to properly +install urxvt with privileges necessary for your \s-1OS\s0 now. +.Sp +When rxvt-unicode detects that it runs setuid or setgid, it will fork +into a helper process for privileged operations (pty handling on some +systems, utmp/wtmp/lastlog handling on others) and drop privileges +immediately. This is much safer than most other terminals that keep +privileges while running (but is more relevant to urxvt, as it contains +things as perl interpreters, which might be \*(L"helpful\*(R" to attackers). +.Sp +This forking is done as the very first within \fImain()\fR, which is very early +and reduces possible bugs to initialisation code run before \fImain()\fR, or +things like the dynamic loader of your system, which should result in very +little risk. .IP "When I log-in to another system it tells me about missing terminfo data?" 4 .IX Item "When I log-in to another system it tells me about missing terminfo data?" The terminal description used by rxvt-unicode is not as widely available @@ -777,7 +775,7 @@ terminal, using the resource \f(CW\*(C`imlocale\*(C'\fR: .Sp .Vb 1 -\& URxvt*imlocale: ja_JP.EUC-JP +\& URxvt.imlocale: ja_JP.EUC-JP .Ve .Sp Now you can start your terminal with \f(CW\*(C`LC_CTYPE=ja_JP.UTF\-8\*(C'\fR and still @@ -1060,8 +1058,8 @@ .IX Header "DESCRIPTION" The rest of this document describes various technical aspects of \&\fBrxvt-unicode\fR. First the description of supported command sequences, -followed by menu and pixmap support and last by a description of all -features selectable at \f(CW\*(C`configure\*(C'\fR time. +followed by pixmap support and last by a description of all features +selectable at \f(CW\*(C`configure\*(C'\fR time. .SH "Definitions" .IX Header "Definitions" .ie n .IP "\fB\fB""c""\fB\fR" 4 @@ -1813,7 +1811,7 @@ Ps = 17 Change colour of highlight characters to Pt Ps = 18 Change colour of bold characters to Pt [deprecated, see 706] Ps = 19 Change colour of underlined characters to Pt [deprecated, see 707] -Ps = 20 Change default background to Pt +Ps = 20 Change background pixmap parameters (see section XPM) (Compile XPM). Ps = 39 Change default foreground colour to Pt. Ps = 46 Change Log File to Pt unimplemented Ps = 49 Change default background colour to Pt. @@ -2129,10 +2127,6 @@ Add support for a very unobtrusive, plain-looking scrollbar that is the favourite of the rxvt-unicode author, having used it for many years. -.IP "\-\-enable\-half\-shadow (default: off)" 4 -.IX Item "--enable-half-shadow (default: off)" -Make shadows on the scrollbar only half the normal width & height. -only applicable to rxvt scrollbars. .IP "\-\-enable\-ttygid (default: off)" 4 .IX Item "--enable-ttygid (default: off)" Change tty device setting to group \*(L"tty\*(R" \- only use this if