Документ взят из кэша поисковой машины. Адрес оригинального документа : http://mavr.sao.ru/hq/sts/linux/doc/nedit/faq/sect_server_mode.shtml
Дата изменения: Unknown
Дата индексирования: Fri Dec 28 20:23:54 2007
Кодировка:

Поисковые слова: п п п п п п п п п п р п р п р п р п р п
[NEdit] FAQ: Server mode and nc

Server mode and nc

  1. I want to use nc as an external editor from my mailer, but my mailer doesn't wait for the editor to finish
  2. I started nedit as root, then tried later to edit a file as myself with nc; the file was opened in the root's nedit

1. I use a mailer which can invoke an external editor, but if I use nc, the mailer process continues and assumes the editor has finished, when in fact it hasn't.

nc is actually finished communicating with the NEdit server when it returns. It's possible to create a shell command that invokes nc and then goes to sleep, and a second script to be run from the NEdit Shell menu, which looks for the sleeping process with a matching file name and kills it. Try the shell scripts in:

ftp://ftp.nedit.org/pub/contrib/misc/nc_and_wait.tar


2. I started nedit (via nc) as root, and then later tried to edit a file as myself with nc. I was very suprised to see that a new nedit wasn't started--rather, I was given the old nedit window, with root permissions. Isn't this a security hole?

Actually, NEdit does check who the user is. When you use the su command, however, several Unix variants return the original user name in response to the standard C library calls for getting a user name, rather than the name to which you have su'd. Starting with version 5.1, a different mechanism is used for getting this information, so you shouldn't see this problem any more.

In your case, my guess is that you used su to become root, then started an nedit server as root. On a system which returns the original user name, both the new server and the nc client program think the user name is your original user name, so the server accepts requests from both you as root and you as you.

The security of an nedit session, depends upon the security of your X server. Only those with access to your screen can send commands to an nedit server, but they can also send keystrokes to any nedit, or a shell window, etc... Anyhow, just upgrade to the latest NEdit version.


[Features] [FAQ Contents] [Editing techniques]