WISH: just for fun, do shade and tint with XRender.
WISH: support tex fonts
+ - added sections for DISTRIBUTION MAINTAINERS and about
+ SETUID/SETGID operation tot he FAQ.
- selection, selection-popup and option-popup extensions
enabled by default.
- perl: much increased functionality, better overlays, popup support
also a bug in the Debian version and it serves as a reminder for
other users that might encounter the same issue.
+ I am maintaining rxvt-unicode for distribution/OS XXX, any
+ recommendation?
+ You should build one binary with the default options. configure now
+ enables most useful options, and the trend goes to making them
+ runtime-switchable, too, so there is usually no drawback to enbaling
+ them, except higher disk and possibly memory usage. The perl
+ interpreter should be enabled, as important functionality (menus,
+ selection, likely more in the future) depends on it.
+
+ You should not overwrite the "perl-ext-common" snd "perl-ext"
+ resources system-wide (except maybe with "defaults"). This will
+ result in useful behaviour. If your distribution aims at low memory,
+ add an empty "perl-ext-common" resource to the app-defaults file.
+ This will keep the perl interpreter disabled until the user enables
+ it.
+
+ If you can/want build more binaries, I recommend building a minimal
+ one with "--disable-everything" (very useful) and a maximal one with
+ "--enable-everything" (less useful, it will be very big due to a lot
+ of encodings built-in that increase download times and are rarely
+ used).
+
+ I need to make it setuid/setgid to support utmp/ptys on my OS, is this
+ safe?
+ Likely not. While I honestly try to make it secure, and am probably
+ not bad at it, I think it is simply unreasonable to expect all of
+ freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to
+ all be secure. Also, rxvt-unicode disables some options when it
+ detects that it runs setuid or setgid, which is not nice.
+
+ Elevated privileges are only required for utmp and pty operations on
+ some systems (for example, GNU/Linux doesn't need any extra
+ privileges for ptys, but some need it for utmp support). If
+ rxvt-unicode doesn't support the library/setuid helper that your OS
+ needs I'll be happy to assist you in implementing support for it.
+
+ So, while setuid/setgid operation is supported and not a problem on
+ your typical single-user-no-other-logins unix desktop, always
+ remember that its an awful lot of code, most of which isn't checked
+ for security issues regularly.
+
When I log-in to another system it tells me about missing terminfo data?
The terminal description used by rxvt-unicode is not as widely
available as that for xterm, or even rxvt (for which the same
might encounter the same issue.</p>
</dd>
<p></p>
+<dt><strong><a name="item_i_am_maintaining_rxvt_2dunicode_for_distribution_2">I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation?</a></strong><br />
+</dt>
+<dd>
+You should build one binary with the default options. <em>configure</em>
+now enables most useful options, and the trend goes to making them
+runtime-switchable, too, so there is usually no drawback to enbaling them,
+except higher disk and possibly memory usage. The perl interpreter should
+be enabled, as important functionality (menus, selection, likely more in
+the future) depends on it.
+</dd>
+<dd>
+<p>You should not overwrite the <code>perl-ext-common</code> snd <code>perl-ext</code> resources
+system-wide (except maybe with <code>defaults</code>). This will result in useful
+behaviour. If your distribution aims at low memory, add an empty
+<code>perl-ext-common</code> resource to the app-defaults file. This will keep the
+perl interpreter disabled until the user enables it.</p>
+</dd>
+<dd>
+<p>If you can/want build more binaries, I recommend building a minimal
+one with <code>--disable-everything</code> (very useful) and a maximal one with
+<a href="#item__2d_2denable_2deverything"><code>--enable-everything</code></a> (less useful, it will be very big due to a lot of
+encodings built-in that increase download times and are rarely used).</p>
+</dd>
+<p></p>
+<dt><strong><a name="item_i_need_to_make_it_setuid_2fsetgid_to_support_utmp_">I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?</a></strong><br />
+</dt>
+<dd>
+Likely not. While I honestly try to make it secure, and am probably
+not bad at it, I think it is simply unreasonable to expect all of
+freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be
+secure. Also, rxvt-unicode disables some options when it detects that it
+runs setuid or setgid, which is not nice.
+</dd>
+<dd>
+<p>Elevated privileges are only required for utmp and pty operations on some
+systems (for example, GNU/Linux doesn't need any extra privileges for
+ptys, but some need it for utmp support). If rxvt-unicode doesn't support
+the library/setuid helper that your OS needs I'll be happy to assist you
+in implementing support for it.</p>
+</dd>
+<dd>
+<p>So, while setuid/setgid operation is supported and not a problem on your
+typical single-user-no-other-logins unix desktop, always remember that
+its an awful lot of code, most of which isn't checked for security issues
+regularly.</p>
+</dd>
+<p></p>
<dt><strong><a name="item_when_i_log_2din_to_another_system_it_tells_me_abou">When I log-in to another system it tells me about missing terminfo data?</a></strong><br />
</dt>
<dd>
.\" ========================================================================
.\"
.IX Title "rxvt 7"
-.TH rxvt 7 "2006-01-07" "6.3" "RXVT-UNICODE"
+.TH rxvt 7 "2006-01-09" "6.3" "RXVT-UNICODE"
.SH "NAME"
RXVT REFERENCE \- FAQ, command sequences and other background information
.SH "SYNOPSIS"
probably should use the Debian \s-1BTS\s0, too, because, after all, it's also a
bug in the Debian version and it serves as a reminder for other users that
might encounter the same issue.
+.IP "I am maintaining rxvt-unicode for distribution/OS \s-1XXX\s0, any recommendation?" 4
+.IX Item "I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation?"
+You should build one binary with the default options. \fIconfigure\fR
+now enables most useful options, and the trend goes to making them
+runtime\-switchable, too, so there is usually no drawback to enbaling them,
+except higher disk and possibly memory usage. The perl interpreter should
+be enabled, as important functionality (menus, selection, likely more in
+the future) depends on it.
+.Sp
+You should not overwrite the \f(CW\*(C`perl\-ext\-common\*(C'\fR snd \f(CW\*(C`perl\-ext\*(C'\fR resources
+system-wide (except maybe with \f(CW\*(C`defaults\*(C'\fR). This will result in useful
+behaviour. If your distribution aims at low memory, add an empty
+\&\f(CW\*(C`perl\-ext\-common\*(C'\fR resource to the app-defaults file. This will keep the
+perl interpreter disabled until the user enables it.
+.Sp
+If you can/want build more binaries, I recommend building a minimal
+one with \f(CW\*(C`\-\-disable\-everything\*(C'\fR (very useful) and a maximal one with
+\&\f(CW\*(C`\-\-enable\-everything\*(C'\fR (less useful, it will be very big due to a lot of
+encodings built-in that increase download times and are rarely used).
+.IP "I need to make it setuid/setgid to support utmp/ptys on my \s-1OS\s0, is this safe?" 4
+.IX Item "I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?"
+Likely not. While I honestly try to make it secure, and am probably
+not bad at it, I think it is simply unreasonable to expect all of
+freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be
+secure. Also, rxvt-unicode disables some options when it detects that it
+runs setuid or setgid, which is not nice.
+.Sp
+Elevated privileges are only required for utmp and pty operations on some
+systems (for example, GNU/Linux doesn't need any extra privileges for
+ptys, but some need it for utmp support). If rxvt-unicode doesn't support
+the library/setuid helper that your \s-1OS\s0 needs I'll be happy to assist you
+in implementing support for it.
+.Sp
+So, while setuid/setgid operation is supported and not a problem on your
+typical single-user-no-other-logins unix desktop, always remember that
+its an awful lot of code, most of which isn't checked for security issues
+regularly.
.IP "When I log-in to another system it tells me about missing terminfo data?" 4
.IX Item "When I log-in to another system it tells me about missing terminfo data?"
The terminal description used by rxvt-unicode is not as widely available
bug in the Debian version and it serves as a reminder for other users that
might encounter the same issue.
+=item I am maintaining rxvt-unicode for distribution/OS XXX, any recommendation?
+
+You should build one binary with the default options. F<configure>
+now enables most useful options, and the trend goes to making them
+runtime-switchable, too, so there is usually no drawback to enbaling them,
+except higher disk and possibly memory usage. The perl interpreter should
+be enabled, as important functionality (menus, selection, likely more in
+the future) depends on it.
+
+You should not overwrite the C<perl-ext-common> snd C<perl-ext> resources
+system-wide (except maybe with C<defaults>). This will result in useful
+behaviour. If your distribution aims at low memory, add an empty
+C<perl-ext-common> resource to the app-defaults file. This will keep the
+perl interpreter disabled until the user enables it.
+
+If you can/want build more binaries, I recommend building a minimal
+one with C<--disable-everything> (very useful) and a maximal one with
+C<--enable-everything> (less useful, it will be very big due to a lot of
+encodings built-in that increase download times and are rarely used).
+
+=item I need to make it setuid/setgid to support utmp/ptys on my OS, is this safe?
+
+Likely not. While I honestly try to make it secure, and am probably
+not bad at it, I think it is simply unreasonable to expect all of
+freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to all be
+secure. Also, rxvt-unicode disables some options when it detects that it
+runs setuid or setgid, which is not nice.
+
+Elevated privileges are only required for utmp and pty operations on some
+systems (for example, GNU/Linux doesn't need any extra privileges for
+ptys, but some need it for utmp support). If rxvt-unicode doesn't support
+the library/setuid helper that your OS needs I'll be happy to assist you
+in implementing support for it.
+
+So, while setuid/setgid operation is supported and not a problem on your
+typical single-user-no-other-logins unix desktop, always remember that
+its an awful lot of code, most of which isn't checked for security issues
+regularly.
+
=item When I log-in to another system it tells me about missing terminfo data?
The terminal description used by rxvt-unicode is not as widely available
also a bug in the Debian version and it serves as a reminder for
other users that might encounter the same issue.
+ I am maintaining rxvt-unicode for distribution/OS XXX, any
+ recommendation?
+ You should build one binary with the default options. configure now
+ enables most useful options, and the trend goes to making them
+ runtime-switchable, too, so there is usually no drawback to enbaling
+ them, except higher disk and possibly memory usage. The perl
+ interpreter should be enabled, as important functionality (menus,
+ selection, likely more in the future) depends on it.
+
+ You should not overwrite the "perl-ext-common" snd "perl-ext"
+ resources system-wide (except maybe with "defaults"). This will
+ result in useful behaviour. If your distribution aims at low memory,
+ add an empty "perl-ext-common" resource to the app-defaults file.
+ This will keep the perl interpreter disabled until the user enables
+ it.
+
+ If you can/want build more binaries, I recommend building a minimal
+ one with "--disable-everything" (very useful) and a maximal one with
+ "--enable-everything" (less useful, it will be very big due to a lot
+ of encodings built-in that increase download times and are rarely
+ used).
+
+ I need to make it setuid/setgid to support utmp/ptys on my OS, is this
+ safe?
+ Likely not. While I honestly try to make it secure, and am probably
+ not bad at it, I think it is simply unreasonable to expect all of
+ freetype + fontconfig + xft + xlib + ... + rxvt-unicode itself to
+ all be secure. Also, rxvt-unicode disables some options when it
+ detects that it runs setuid or setgid, which is not nice.
+
+ Elevated privileges are only required for utmp and pty operations on
+ some systems (for example, GNU/Linux doesn't need any extra
+ privileges for ptys, but some need it for utmp support). If
+ rxvt-unicode doesn't support the library/setuid helper that your OS
+ needs I'll be happy to assist you in implementing support for it.
+
+ So, while setuid/setgid operation is supported and not a problem on
+ your typical single-user-no-other-logins unix desktop, always
+ remember that its an awful lot of code, most of which isn't checked
+ for security issues regularly.
+
When I log-in to another system it tells me about missing terminfo data?
The terminal description used by rxvt-unicode is not as widely
available as that for xterm, or even rxvt (for which the same