Документ взят из кэша поисковой машины. Адрес
оригинального документа
: http://www.sao.ru/hq/sts/linux/doc/nedit/faq/sect_server_mode.shtml
Дата изменения: Unknown Дата индексирования: Sat Sep 11 22:00:06 2010 Кодировка: Поисковые слова: п п п п р п р п р п р п р п р п р п р п р п |
nc
as an external
editor from my mailer, but my mailer doesn't wait for the editor
to finish
nc
; the file was opened in the root's nedit
1. I use a mailer which can invoke an external editor, but if I use nc, the mailer process continues and assumes the editor has finished, when in fact it hasn't.
nc is actually finished communicating with the NEdit server when it returns. It's possible to create a shell command that invokes nc and then goes to sleep, and a second script to be run from the NEdit Shell menu, which looks for the sleeping process with a matching file name and kills it. Try the shell scripts in:
ftp://ftp.nedit.org/pub/contrib/misc/nc_and_wait.tar
2. I started nedit (via nc
) as root, and then
later tried to edit a file as myself with nc
. I was very
suprised to see that a new nedit wasn't started--rather, I was given
the old nedit window, with root permissions. Isn't this a security
hole?
Actually, NEdit does check who the user is. When you use the su command, however, several Unix variants return the original user name in response to the standard C library calls for getting a user name, rather than the name to which you have su'd. Starting with version 5.1, a different mechanism is used for getting this information, so you shouldn't see this problem any more.
In your case, my guess is that you used su to become root, then started an nedit server as root. On a system which returns the original user name, both the new server and the nc client program think the user name is your original user name, so the server accepts requests from both you as root and you as you.
The security of an nedit session, depends upon the security of your X server. Only those with access to your screen can send commands to an nedit server, but they can also send keystrokes to any nedit, or a shell window, etc... Anyhow, just upgrade to the latest NEdit version.