following problems:
- xterm utmp handling problem.
- exploitable buffer overflows in xterm related to the preeditType,
inputMethod and *Keymap resources.
- fix xterm's mishandling of the -vb command line option.
- fix an invisible cursor problem with xterm.
- exploitable buffer overflows in setuid programs using the Xaw library
which are related to the preeditType and inputMethod resources.
installs the version of the port that uses shared library number 9 and the
LIBRARY_VERSION set to the default. Normally this is against our policy
(bumping the version number for minor things), however due to the major
problems caused with the upgrade, Satoshi and I decided that this was best.
Approved by: asami
ARROWPROTO -O2 -DHELP_PATH=\"/usr/X11R6/lib/X11/xmhelp/help:/usr/X11R6/lib/X11/xmhelp/pixmaps\" -DMOTIF -c HTML.c
HTML.c:226: `_XmGadgetArm' undeclared here (not in a function)
HTML.c:226: initializer element for `actionsList[6].proc' is not constant
HTML.c:227: `_XmGadgetActivate' undeclared here (not in a function)
HTML.c:227: initializer element for `actionsList[7].proc' is not constant
HTML.c:228: `_XmManagerEnter' undeclared here (not in a function)
HTML.c:228: initializer element for `actionsList[8].proc' is not constant
HTML.c:229: `_XmManagerFocusIn' undeclared here (not in a function)
HTML.c:229: initializer element for `actionsList[9].proc' is not constant
HTML.c:230: `_XmManagerHelp' undeclared here (not in a function)
HTML.c:230: initializer element for `actionsList[10].proc' is not constant
HTML.c: In function `Redisplay':
HTML.c:2029: warning: passing arg 1 of `XmeRedisplayGadgets' from incompatible pointer type
HTML.c:2029: warning: passing arg 2 of `XmeRedisplayGadgets' from incompatible pointer type
*** Error code 1
Stop.
o XDM-AUTHORIZATION-1 is more automated for the non-USA case.
o PST's KerberosIV patches are reinstated for XDM. This is NOT
a full-blown KerberosIV implementation for X - this will
just get you a TGT when you log in - THATS ALL!
o Enable compilation of SecureRPC. The use of SecureRPC at the
moment is frought with danger! I have no idea how safe or
good the implementation is. Enable at your own peril!! (Secure
RPC is only available for those folk using 3.0-Current).
Also allow XF86Setup to use TK-8.0.
OK'ed By: JMZ
The original version was not compatible with the FreeBSD version of "su"
(it assumed that "su - -c CMD" executed CMD as root), and it required root
to have a POSIX shell as login shell (not a C shell).
The original "xhost +local:root" could mislead the user to assume that
only root was given permission to access hist X11 display, but the user
parameter is ignored by xhost (as of XFree86 3.3.1). This allows *every*
user on the local system to grab all keypresses or screen contents while
kfmsu2 has not run to completion. Starting several instances of kfmsu and
leaving one will revoke access to the X11 display to all others ...
In fact, kfmsu might be considered *that* broken by design, that it should
not be installed, but it's a part of kdebase and I do not want to disable
it in case somebody has a legitimate use for it ...
The non-functionality of kfmsu was pointed out by Glenn Johnson.