… | |
… | |
121 | |
121 | |
122 | For other problems that also affect the Debian package, you can and |
122 | For other problems that also affect the Debian package, you can and |
123 | probably should use the Debian BTS, too, because, after all, it's |
123 | probably should use the Debian BTS, too, because, after all, it's |
124 | also a bug in the Debian version and it serves as a reminder for |
124 | also a bug in the Debian version and it serves as a reminder for |
125 | other users that might encounter the same issue. |
125 | other users that might encounter the same issue. |
|
|
126 | |
|
|
127 | I am maintaining rxvt-unicode for distribution/OS XXX, any |
|
|
128 | recommendation? |
|
|
129 | You should build one binary with the default options. configure now |
|
|
130 | enables most useful options, and the trend goes to making them |
|
|
131 | runtime-switchable, too, so there is usually no drawback to enbaling |
|
|
132 | them, except higher disk and possibly memory usage. The perl |
|
|
133 | interpreter should be enabled, as important functionality (menus, |
|
|
134 | selection, likely more in the future) depends on it. |
|
|
135 | |
|
|
136 | You should not overwrite the "perl-ext-common" snd "perl-ext" |
|
|
137 | resources system-wide (except maybe with "defaults"). This will |
|
|
138 | result in useful behaviour. If your distribution aims at low memory, |
|
|
139 | add an empty "perl-ext-common" resource to the app-defaults file. |
|
|
140 | This will keep the perl interpreter disabled until the user enables |
|
|
141 | it. |
|
|
142 | |
|
|
143 | If you can/want build more binaries, I recommend building a minimal |
|
|
144 | one with "--disable-everything" (very useful) and a maximal one with |
|
|
145 | "--enable-everything" (less useful, it will be very big due to a lot |
|
|
146 | of encodings built-in that increase download times and are rarely |
|
|
147 | used). |
|
|
148 | |
|
|
149 | I need to make it setuid/setgid to support utmp/ptys on my OS, is this |
|
|
150 | safe? |
|
|
151 | Likely not. While I honestly try to make it secure, and am probably |
|
|
152 | not bad at it, I think it is simply unreasonable to expect all of |
|
|
153 | freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to |
|
|
154 | all be secure. Also, rxvt-unicode disables some options when it |
|
|
155 | detects that it runs setuid or setgid, which is not nice. |
|
|
156 | |
|
|
157 | Elevated privileges are only required for utmp and pty operations on |
|
|
158 | some systems (for example, GNU/Linux doesn't need any extra |
|
|
159 | privileges for ptys, but some need it for utmp support). If |
|
|
160 | rxvt-unicode doesn't support the library/setuid helper that your OS |
|
|
161 | needs I'll be happy to assist you in implementing support for it. |
|
|
162 | |
|
|
163 | So, while setuid/setgid operation is supported and not a problem on |
|
|
164 | your typical single-user-no-other-logins unix desktop, always |
|
|
165 | remember that its an awful lot of code, most of which isn't checked |
|
|
166 | for security issues regularly. |
126 | |
167 | |
127 | When I log-in to another system it tells me about missing terminfo data? |
168 | When I log-in to another system it tells me about missing terminfo data? |
128 | The terminal description used by rxvt-unicode is not as widely |
169 | The terminal description used by rxvt-unicode is not as widely |
129 | available as that for xterm, or even rxvt (for which the same |
170 | available as that for xterm, or even rxvt (for which the same |
130 | problem often arises). |
171 | problem often arises). |