… | |
… | |
131 | |
131 | |
132 | For other problems that also affect the Debian package, you can and |
132 | For other problems that also affect the Debian package, you can and |
133 | probably should use the Debian BTS, too, because, after all, it's also a |
133 | probably should use the Debian BTS, too, because, after all, it's also a |
134 | bug in the Debian version and it serves as a reminder for other users that |
134 | bug in the Debian version and it serves as a reminder for other users that |
135 | might encounter the same issue. |
135 | might encounter the same issue. |
|
|
136 | |
|
|
137 | =item I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation? |
|
|
138 | |
|
|
139 | You should build one binary with the default options. F<configure> |
|
|
140 | now enables most useful options, and the trend goes to making them |
|
|
141 | runtime-switchable, too, so there is usually no drawback to enbaling them, |
|
|
142 | except higher disk and possibly memory usage. The perl interpreter should |
|
|
143 | be enabled, as important functionality (menus, selection, likely more in |
|
|
144 | the future) depends on it. |
|
|
145 | |
|
|
146 | You should not overwrite the C<perl-ext-common> snd C<perl-ext> resources |
|
|
147 | system-wide (except maybe with C<defaults>). This will result in useful |
|
|
148 | behaviour. If your distribution aims at low memory, add an empty |
|
|
149 | C<perl-ext-common> resource to the app-defaults file. This will keep the |
|
|
150 | perl interpreter disabled until the user enables it. |
|
|
151 | |
|
|
152 | If you can/want build more binaries, I recommend building a minimal |
|
|
153 | one with C<--disable-everything> (very useful) and a maximal one with |
|
|
154 | C<--enable-everything> (less useful, it will be very big due to a lot of |
|
|
155 | encodings built-in that increase download times and are rarely used). |
|
|
156 | |
|
|
157 | =item I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe? |
|
|
158 | |
|
|
159 | Likely not. While I honestly try to make it secure, and am probably |
|
|
160 | not bad at it, I think it is simply unreasonable to expect all of |
|
|
161 | freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be |
|
|
162 | secure. Also, rxvt-unicode disables some options when it detects that it |
|
|
163 | runs setuid or setgid, which is not nice. |
|
|
164 | |
|
|
165 | Elevated privileges are only required for utmp and pty operations on some |
|
|
166 | systems (for example, GNU/Linux doesn't need any extra privileges for |
|
|
167 | ptys, but some need it for utmp support). If rxvt-unicode doesn't support |
|
|
168 | the library/setuid helper that your OS needs I'll be happy to assist you |
|
|
169 | in implementing support for it. |
|
|
170 | |
|
|
171 | So, while setuid/setgid operation is supported and not a problem on your |
|
|
172 | typical single-user-no-other-logins unix desktop, always remember that |
|
|
173 | its an awful lot of code, most of which isn't checked for security issues |
|
|
174 | regularly. |
136 | |
175 | |
137 | =item When I log-in to another system it tells me about missing terminfo data? |
176 | =item When I log-in to another system it tells me about missing terminfo data? |
138 | |
177 | |
139 | The terminal description used by rxvt-unicode is not as widely available |
178 | The terminal description used by rxvt-unicode is not as widely available |
140 | as that for xterm, or even rxvt (for which the same problem often arises). |
179 | as that for xterm, or even rxvt (for which the same problem often arises). |