--- rxvt-unicode/src/main.C 2006/01/17 10:14:26 1.182 +++ rxvt-unicode/src/main.C 2006/01/17 15:41:33 1.186 @@ -211,11 +211,7 @@ if (cmd_pid) kill (-cmd_pid, SIGHUP); -#ifdef UTMP_SUPPORT - privileged_utmp (RESTORE); -#endif - - pty.put (); + delete pty; pty = 0; } rxvt_term::~rxvt_term () @@ -511,6 +507,8 @@ } #endif + pty = rxvt_new_ptytty (); + create_windows (argc, argv); dDisp; @@ -545,8 +543,8 @@ free (cmd_argv); - if (pty.pty >= 0) - pty_ev.start (pty.pty, EVENT_READ); + if (pty->pty >= 0) + pty_ev.start (pty->pty, EVENT_READ); check_ev.start (); @@ -600,6 +598,38 @@ void rxvt_init () { + uid_t uid = getuid (); + gid_t gid = getgid (); + + // before doing anything else, check for setuid/setgid operation, + // start the helper process and drop privileges + if (uid != geteuid () + || 1 //D + || gid != getegid ()) + { +#if PTYTTY_HELPER + rxvt_ptytty_server (); +#else + rxvt_warn ("running setuid/setgid without pty helper compiled in, continuing unprivileged.\n"); +#endif + + // drop privileges +#if HAVE_SETRESUID + setresgid (gid, gid, gid); + setresuid (uid, uid, uid); +#elif HAVE_SETREUID + setregid (gid, gid); + setreuid (uid, uid); +#elif HAVE_SETUID + setgid (gid); + setuid (uid); +#endif + + if (uid != geteuid () + || gid != getegid ()) + rxvt_fatal ("unable to drop privileges, aborting.\n"); + } + rxvt_environ = environ; /* @@ -715,25 +745,6 @@ #endif } -#ifdef UTMP_SUPPORT -void -rxvt_term::privileged_utmp (rxvt_privaction action) -{ - if (OPTION (Opt_utmpInhibit) - || !pty.name || !*pty.name) - return; - - rxvt_privileges (RESTORE); - - if (action == SAVE) - pty.login (cmd_pid, OPTION (Opt_loginShell), rs[Rs_display_name]); - else - pty.logout (); - - rxvt_privileges (IGNORE); -} -#endif - /*----------------------------------------------------------------------*/ /* * window size/position calculcations for XSizeHint and other storage. @@ -876,7 +887,7 @@ void rxvt_term::tt_winch () { - if (pty.pty < 0) + if (pty->pty < 0) return; struct winsize ws; 
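Review bot: Turning `pty` from a member object into a heap pointer adds a null state that the new code never tests: the first hunk leaves `pty = 0` after `delete pty`, while the `pty->pty` reads in the @@ -545 hunk and in `tt_winch` (@@ -876 and @@ -885) dereference it unconditionally. If any of those can run before `pty = rxvt_new_ptytty ();` in the @@ -511 hunk, or after teardown (not visible here), that is a null dereference where the old by-value member was always valid. A guard such as `if (!pty || pty->pty < 0) return;` in `tt_winch`, plus a check of the `rxvt_new_ptytty ()` result, would close it, and the constructor should be confirmed to initialise `pty` to 0 so the `delete` is safe when init never ran. The enclosing functions start and end outside these hunks.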
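Review bot: The `|| 1 //D` term in the new condition at the top of `rxvt_init` is a debug override that makes the setuid/setgid test always true, so the helper is started (or, without `PTYTTY_HELPER`, the "running setuid/setgid" warning is printed) on every launch; it should be removed before release. The drop itself ignores the return values of the set*id calls, and the follow-up check compares only the effective IDs, so a saved set-user-ID or set-group-ID that survives goes unnoticed. In the `HAVE_SETUID` fallback, `setgid (gid)` and `setuid (uid)` change only the effective ID on POSIX systems when the effective UID is not root, which leaves the privileged saved ID recoverable later in the process. I would fail closed on the calls, e.g. `if (setresgid (gid, gid, gid) || setresuid (uid, uid, uid)) rxvt_fatal ("unable to drop privileges, aborting.\n");`, and in the `setuid` branch either refuse to run setuid/setgid or add a comment stating that the saved IDs are not cleared. `rxvt_init` continues past the end of the hunk.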
@@ -885,7 +896,7 @@ ws.ws_row = nrow; ws.ws_xpixel = width; ws.ws_ypixel = height; - (void)ioctl (pty.pty, TIOCSWINSZ, &ws); + (void)ioctl (pty->pty, TIOCSWINSZ, &ws); #if 0 // TIOCSWINSZ⎈ is supposed to do this automatically and correctly