repo: rxvt-unicode-sixel
action: commit
revision: 
path_from: 
revision_from: c182a0c0091fa9f96dba83b74771502b3eccaeea:
path_to: 
revision_to: 

commit c182a0c0091fa9f96dba83b74771502b3eccaeea
Author: Marc Lehmann 
Date:   Mon Jan 9 01:54:43 2006 +0000

    *** empty log message ***

diff --git a/Changes b/Changes

--- a/Changes
+++ b/Changes
@@ -9,6 +9,8 @@ WISH: OnTheSpot editing, or maybe switch to miiiiiiif
 WISH: just for fun, do shade and tint with XRender.
 WISH: support tex fonts

+	- added sections for DISTRIBUTION MAINTAINERS and about
+          SETUID/SETGID operation tot he FAQ.
 	- selection, selection-popup and option-popup extensions
           enabled by default.
         - perl: much increased functionality, better overlays, popup support
diff --git a/README.FAQ b/README.FAQ

--- a/README.FAQ
+++ b/README.FAQ
@@ -103,6 +103,47 @@ FREQUENTLY ASKED QUESTIONS
         also a bug in the Debian version and it serves as a reminder for
         other users that might encounter the same issue.

+    I am maintaining rxvt-unicode for distribution/OS XXX, any
+    recommendation?
+        You should build one binary with the default options. configure now
+        enables most useful options, and the trend goes to making them
+        runtime-switchable, too, so there is usually no drawback to enbaling
+        them, except higher disk and possibly memory usage. The perl
+        interpreter should be enabled, as important functionality (menus,
+        selection, likely more in the future) depends on it.
+
+        You should not overwrite the "perl-ext-common" snd "perl-ext"
+        resources system-wide (except maybe with "defaults"). This will
+        result in useful behaviour. If your distribution aims at low memory,
+        add an empty "perl-ext-common" resource to the app-defaults file.
+        This will keep the perl interpreter disabled until the user enables
+        it.
+
+        If you can/want build more binaries, I recommend building a minimal
+        one with "--disable-everything" (very useful) and a maximal one with
+        "--enable-everything" (less useful, it will be very big due to a lot
+        of encodings built-in that increase download times and are rarely
+        used).
+
+    I need to make it setuid/setgid to support utmp/ptys on my OS, is this
+    safe?
+        Likely not. While I honestly try to make it secure, and am probably
+        not bad at it, I think it is simply unreasonable to expect all of
+        freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to
+        all be secure. Also, rxvt-unicode disables some options when it
+        detects that it runs setuid or setgid, which is not nice.
+
+        Elevated privileges are only required for utmp and pty operations on
+        some systems (for example, GNU/Linux doesn't need any extra
+        privileges for ptys, but some need it for utmp support). If
+        rxvt-unicode doesn't support the library/setuid helper that your OS
+        needs I'll be happy to assist you in implementing support for it.
+
+        So, while setuid/setgid operation is supported and not a problem on
+        your typical single-user-no-other-logins unix desktop, always
+        remember that its an awful lot of code, most of which isn't checked
+        for security issues regularly.
+
     When I log-in to another system it tells me about missing terminfo data?
         The terminal description used by rxvt-unicode is not as widely
         available as that for xterm, or even rxvt (for which the same
diff --git a/doc/rxvt.7.html b/doc/rxvt.7.html

--- a/doc/rxvt.7.html
+++ b/doc/rxvt.7.html
@@ -210,6 +210,53 @@ bug in the Debian version and it serves as a reminder for other users that
 might encounter the same issue.

 
 

+
I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation?

+
+

+You should build one binary with the default options. configure
+now enables most useful options, and the trend goes to making them
+runtime-switchable, too, so there is usually no drawback to enbaling them,
+except higher disk and possibly memory usage. The perl interpreter should
+be enabled, as important functionality (menus, selection, likely more in
+the future) depends on it.
+
+

+
You should not overwrite the perl-ext-common snd perl-ext resources
+system-wide (except maybe with defaults). This will result in useful
+behaviour. If your distribution aims at low memory, add an empty
+perl-ext-common resource to the app-defaults file. This will keep the
+perl interpreter disabled until the user enables it.
+
+

+
If you can/want build more binaries, I recommend building a minimal
+one with --disable-everything (very useful) and a maximal one with
+--enable-everything (less useful, it will be very big due to a lot of
+encodings built-in that increase download times and are rarely used).
+
+

+
I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?

+
+

+Likely not. While I honestly try to make it secure, and am probably
+not bad at it, I think it is simply unreasonable to expect all of
+freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be
+secure. Also, rxvt-unicode disables some options when it detects that it
+runs setuid or setgid, which is not nice.
+
+

+
Elevated privileges are only required for utmp and pty operations on some
+systems (for example, GNU/Linux doesn't need any extra privileges for
+ptys, but some need it for utmp support). If rxvt-unicode doesn't support
+the library/setuid helper that your OS needs I'll be happy to assist you
+in implementing support for it.
+
+

+
So, while setuid/setgid operation is supported and not a problem on your
+typical single-user-no-other-logins unix desktop, always remember that
+its an awful lot of code, most of which isn't checked for security issues
+regularly.
+
+

 
When I log-in to another system it tells me about missing terminfo data?

 
 

diff --git a/doc/rxvt.7.man.in b/doc/rxvt.7.man.in

--- a/doc/rxvt.7.man.in
+++ b/doc/rxvt.7.man.in
@@ -129,7 +129,7 @@
 .\" ========================================================================
 .\"
 .IX Title "rxvt 7"
-.TH rxvt 7 "2006-01-07" "6.3" "RXVT-UNICODE"
+.TH rxvt 7 "2006-01-09" "6.3" "RXVT-UNICODE"
 .SH "NAME"
 RXVT REFERENCE \- FAQ, command sequences and other background information
 .SH "SYNOPSIS"
@@ -269,6 +269,43 @@ For other problems that also affect the Debian package, you can and
 probably should use the Debian \s-1BTS\s0, too, because, after all, it's also a
 bug in the Debian version and it serves as a reminder for other users that
 might encounter the same issue.
+.IP "I am maintaining rxvt-unicode for distribution/OS \s-1XXX\s0, any recommendation?" 4
+.IX Item "I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation?"
+You should build one binary with the default options. \fIconfigure\fR
+now enables most useful options, and the trend goes to making them
+runtime\-switchable, too, so there is usually no drawback to enbaling them,
+except higher disk and possibly memory usage. The perl interpreter should
+be enabled, as important functionality (menus, selection, likely more in
+the future) depends on it.
+.Sp
+You should not overwrite the \f(CW\*(C`perl\-ext\-common\*(C'\fR snd \f(CW\*(C`perl\-ext\*(C'\fR resources
+system-wide (except maybe with \f(CW\*(C`defaults\*(C'\fR). This will result in useful
+behaviour. If your distribution aims at low memory, add an empty
+\&\f(CW\*(C`perl\-ext\-common\*(C'\fR resource to the app-defaults file. This will keep the
+perl interpreter disabled until the user enables it.
+.Sp
+If you can/want build more binaries, I recommend building a minimal
+one with \f(CW\*(C`\-\-disable\-everything\*(C'\fR (very useful) and a maximal one with
+\&\f(CW\*(C`\-\-enable\-everything\*(C'\fR (less useful, it will be very big due to a lot of
+encodings built-in that increase download times and are rarely used).
+.IP "I need to make it setuid/setgid to support utmp/ptys on my \s-1OS\s0, is this safe?" 4
+.IX Item "I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?"
+Likely not. While I honestly try to make it secure, and am probably
+not bad at it, I think it is simply unreasonable to expect all of
+freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be
+secure. Also, rxvt-unicode disables some options when it detects that it
+runs setuid or setgid, which is not nice.
+.Sp
+Elevated privileges are only required for utmp and pty operations on some
+systems (for example, GNU/Linux doesn't need any extra privileges for
+ptys, but some need it for utmp support). If rxvt-unicode doesn't support
+the library/setuid helper that your \s-1OS\s0 needs I'll be happy to assist you
+in implementing support for it.
+.Sp
+So, while setuid/setgid operation is supported and not a problem on your
+typical single-user-no-other-logins unix desktop, always remember that
+its an awful lot of code, most of which isn't checked for security issues
+regularly.
 .IP "When I log-in to another system it tells me about missing terminfo data?" 4
 .IX Item "When I log-in to another system it tells me about missing terminfo data?"
 The terminal description used by rxvt-unicode is not as widely available
diff --git a/doc/rxvt.7.pod b/doc/rxvt.7.pod

--- a/doc/rxvt.7.pod
+++ b/doc/rxvt.7.pod
@@ -134,6 +134,45 @@ probably should use the Debian BTS, too, because, after all, it's also a
 bug in the Debian version and it serves as a reminder for other users that
 might encounter the same issue.

+=item I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation?
+
+You should build one binary with the default options. F
+now enables most useful options, and the trend goes to making them
+runtime-switchable, too, so there is usually no drawback to enbaling them,
+except higher disk and possibly memory usage. The perl interpreter should
+be enabled, as important functionality (menus, selection, likely more in
+the future) depends on it.
+
+You should not overwrite the C snd C resources
+system-wide (except maybe with C). This will result in useful
+behaviour. If your distribution aims at low memory, add an empty
+C resource to the app-defaults file. This will keep the
+perl interpreter disabled until the user enables it.
+
+If you can/want build more binaries, I recommend building a minimal
+one with C<--disable-everything> (very useful) and a maximal one with
+C<--enable-everything> (less useful, it will be very big due to a lot of
+encodings built-in that increase download times and are rarely used).
+
+=item I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?
+
+Likely not. While I honestly try to make it secure, and am probably
+not bad at it, I think it is simply unreasonable to expect all of
+freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be
+secure. Also, rxvt-unicode disables some options when it detects that it
+runs setuid or setgid, which is not nice.
+
+Elevated privileges are only required for utmp and pty operations on some
+systems (for example, GNU/Linux doesn't need any extra privileges for
+ptys, but some need it for utmp support). If rxvt-unicode doesn't support
+the library/setuid helper that your OS needs I'll be happy to assist you
+in implementing support for it.
+
+So, while setuid/setgid operation is supported and not a problem on your
+typical single-user-no-other-logins unix desktop, always remember that
+its an awful lot of code, most of which isn't checked for security issues
+regularly.
+
 =item When I log-in to another system it tells me about missing terminfo data?

 The terminal description used by rxvt-unicode is not as widely available
diff --git a/doc/rxvt.7.txt b/doc/rxvt.7.txt

--- a/doc/rxvt.7.txt
+++ b/doc/rxvt.7.txt
@@ -124,6 +124,47 @@ FREQUENTLY ASKED QUESTIONS
         also a bug in the Debian version and it serves as a reminder for
         other users that might encounter the same issue.

+    I am maintaining rxvt-unicode for distribution/OS XXX, any
+    recommendation?
+        You should build one binary with the default options. configure now
+        enables most useful options, and the trend goes to making them
+        runtime-switchable, too, so there is usually no drawback to enbaling
+        them, except higher disk and possibly memory usage. The perl
+        interpreter should be enabled, as important functionality (menus,
+        selection, likely more in the future) depends on it.
+
+        You should not overwrite the "perl-ext-common" snd "perl-ext"
+        resources system-wide (except maybe with "defaults"). This will
+        result in useful behaviour. If your distribution aims at low memory,
+        add an empty "perl-ext-common" resource to the app-defaults file.
+        This will keep the perl interpreter disabled until the user enables
+        it.
+
+        If you can/want build more binaries, I recommend building a minimal
+        one with "--disable-everything" (very useful) and a maximal one with
+        "--enable-everything" (less useful, it will be very big due to a lot
+        of encodings built-in that increase download times and are rarely
+        used).
+
+    I need to make it setuid/setgid to support utmp/ptys on my OS, is this
+    safe?
+        Likely not. While I honestly try to make it secure, and am probably
+        not bad at it, I think it is simply unreasonable to expect all of
+        freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to
+        all be secure. Also, rxvt-unicode disables some options when it
+        detects that it runs setuid or setgid, which is not nice.
+
+        Elevated privileges are only required for utmp and pty operations on
+        some systems (for example, GNU/Linux doesn't need any extra
+        privileges for ptys, but some need it for utmp support). If
+        rxvt-unicode doesn't support the library/setuid helper that your OS
+        needs I'll be happy to assist you in implementing support for it.
+
+        So, while setuid/setgid operation is supported and not a problem on
+        your typical single-user-no-other-logins unix desktop, always
+        remember that its an awful lot of code, most of which isn't checked
+        for security issues regularly.
+
     When I log-in to another system it tells me about missing terminfo data?
         The terminal description used by rxvt-unicode is not as widely
         available as that for xterm, or even rxvt (for which the same

-----END OF PAGE-----