Summary: | x11-apps/xinit: with startx, X is run unsecured from other local users in default setup | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Faustus <orlovm> |
Component: | Current packages | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | x11 |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Faustus
2010-11-02 22:20:06 UTC
I can confirm Debian has also changed it's xserverrc to: #!/bin/sh exec /usr/bin/X -nolisten tcp "$@" re: http://ftp.de.debian.org/debian/pool/main/x/xinit/xinit_1.2.0-2.diff.gz Fixed in xinit-1.2.0-r4 (stabilize this one) and for ~arch users in 1.3.0-r1. Arch teams, please test and mark stable: =x11-apps/xinit-1.2.0-r4 Target KEYWORDS="alpha amd64 arm hppa ia64 ppc ppc64 s390 sh sparc x86" x86 stable amd64 done ppc64 done Stable for HPPA PPC. arm stable alpha/ia64/s390/sh/sparc stable, closing |