Bugtraq mailing list archives
XFree86 security problem
From: gonzo () RRNET COM (Patrick J. Volkerding)
Date: Wed, 31 Mar 1999 11:12:52 -0600
On Mon, 29 Mar 1999, Domas Mituzas wrote:
> Why is RedHat delaying release of this package as it smells like root takeover (it was too easy to change /etc/ and /etc/passwd permissions to something neat). [...] This is a cross-platform bug, as I found it in all OSes that run the XFree86 3.3.3 server. As far as I know it is on every Linux distribution (especially the newest ones) and the BSDs.
Before flying off the handle at Red Hat, you might consider that quite possibly they aren't vulnerable to this problem. As far as I can tell, if the system ships with a /tmp/.X11-unix/ directory already in place, and none of the system scripts delete it, then there's no security problem since nobody can put a rogue symlink at that location in /tmp. I know Slackware Linux isn't vulnerable to this problem, and never was, and I don't think we're the only ones to ship a Linux OS that provides a pre-existing /tmp/.X11-unix/.

--
Patrick J. Volkerding
Slackware Linux Project
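The condition described in the message above, as an added example (not part of the original post or of any distribution's scripts): a Python check that /tmp/.X11-unix is a real, pre-existing directory rather than a missing name or a symlink. The function name, the finding codes, the `trusted_uid=0` default and the parent-directory sticky-bit check are assumptions added for illustration.

```python
import os
import stat
import sys

def audit_socket_dir(path="/tmp/.X11-unix", trusted_uid=0):
    """Return finding codes for the socket directory; [] means safely pre-created.

    trusted_uid=0 (root) is an assumption: the directory is expected to be
    shipped or created by the system, not by an ordinary user.
    """
    try:
        st = os.lstat(path)  # lstat inspects the name itself, never a link target
    except FileNotFoundError:
        # Nothing occupies the name, so any local user can claim it first.
        return ["missing"]
    if stat.S_ISLNK(st.st_mode):
        # Whatever later creates or chmods "the directory" would act on the target.
        return ["symlink"]
    if not stat.S_ISDIR(st.st_mode):
        return ["not-a-directory"]

    findings = []
    if st.st_uid != trusted_uid:
        findings.append("bad-owner")
    # A world-writable parent without the sticky bit lets other users rename or
    # remove the directory, which reopens the window the pre-creation closed.
    parent = os.path.dirname(os.path.abspath(path))
    pmode = os.stat(parent).st_mode
    if pmode & stat.S_IWOTH and not pmode & stat.S_ISVTX:
        findings.append("parent-not-sticky")
    return findings

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/tmp/.X11-unix"
    result = audit_socket_dir(target)
    if os.path.islink(target):
        print(f"{target} -> {os.readlink(target)}")
    print(target, "OK" if not result else ", ".join(result))
    sys.exit(1 if result else 0)
```

Run early in boot, before the X server starts, a non-empty result means the directory should be recreated by a system script before any unprivileged user can log in.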