Subject: Re: set-uid programs
To: None <sharakan@icarus-tm.East.Sun.COM>
From: Colin Wood <ender@is.rice.edu>
List: port-mac68k
Date: 04/08/1997 17:44:07
> I'm running stock NetBSD 1.2.1 on my IIci (with stock X 1.2), and it seems like 
> set-uid programs aren't working like set-uid programs.  The two examples I have 
> are xterm (specifically with the -C option), and xload.
> 
> Xterm is set-uid root, yet is unable to open /dev/console when given the -C 
> option.  Xload is set-gid kmem, yet is unable to open /dev/mem.  Both of these 
> programs work okay if I run them as root.  I can also chown /dev/console to me, 
> and then xterm -C works.
> 
> Anyone know what's going on?

I believe that these are discussed in the FAQ, but I'm not entirely sure, 
so here it goes...

/dev/console requires 2 things in order for you to be able to redirect it 
to either xconsole or xterm -C:

	1) options UCONSOLE in the kernel config (it's in the GENERIC config)
	2) /dev/console must be chowned to the user running the redirect 
		program or the user must have rw permissions on it

This seems like a bug, actually, but at the moment, that's the way it works.

As for xload, I think that the problem is that xload never makes setgid 
calls.  Just because you change the permissions on a file to be setgid, 
doesn't mean that it actually makes setgid() calls.  I have the feeling 
that this is the problem with xload, but I've never managed to get my 
hands on the source, so I just don't know for sure.  I have to run it as 
root myself...yuck!

I hope this helps.

Later.

-- 
Colin Wood                                      ender@is.rice.edu
Consultant                                        Rice University
Information Technology Services                       Houston, TX
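
A small diagnostic for the two cases in this thread (rw on /dev/console, read on /dev/mem), added here as an example and not part of the original messages. It prints the real and effective ids the process is running with and evaluates the owner/group/other mode-bit check for a path. The function names are illustrative, and supplementary groups are ignored as a simplifying assumption.

```c
/* Added diagnostic, not from the original thread. Function names are
 * illustrative. */
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>

/* Owner/group/other check as open() applies it, using EFFECTIVE ids.
 * want: 4 = read, 2 = write (6 = rw). Simplified: supplementary groups
 * are ignored and euid 0 is always allowed. */
int dac_allows(mode_t mode, uid_t fuid, gid_t fgid,
               uid_t euid, gid_t egid, int want)
{
    int bits;
    if (euid == 0)
        return 1;
    if (euid == fuid)
        bits = (mode >> 6) & 7;   /* owner class wins, even if weaker */
    else if (egid == fgid)
        bits = (mode >> 3) & 7;
    else
        bits = mode & 7;
    return (bits & want) == want;
}

/* 1 = allowed, 0 = denied, -1 = stat() failed. */
int check_path(const char *path, int want)
{
    struct stat st;
    if (stat(path, &st) != 0)
        return -1;
    return dac_allows(st.st_mode, st.st_uid, st.st_gid,
                      geteuid(), getegid(), want);
}

int main(int argc, char **argv)
{
    const char *path = argc > 1 ? argv[1] : "/dev/mem";
    int want = argc > 2 ? 6 : 4;  /* any second argument: check rw */
    printf("real uid=%ld gid=%ld  effective uid=%ld gid=%ld\n",
           (long)getuid(), (long)getgid(),
           (long)geteuid(), (long)getegid());
    if (getuid() == geteuid() && getgid() == getegid())
        puts("no set-id credentials in effect for this process");
    int r = check_path(path, want);
    printf("%s (%s): %s\n", path, want == 6 ? "rw" : "read",
           r < 0 ? "stat failed" : r ? "mode bits allow" : "mode bits deny");
    return r == 1 ? 0 : 1;
}
```

Give a copy of the binary the same owner, group and set-id bits as the program being debugged, then run it as the ordinary user with the device path as its argument.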