|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2018-10-26 13:37:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
An X.Org security advisory
It turn out that the X.org server, versions 1.19.0 and after, contain an
easily exploitable privilege escalation vulnerability. Anybody who is
running a system that has X installed setuid root, and which has untrusted
users on it, will want to install the update. "X.Org recommends the
use of a display manager to start X sessions, which does not require Xorg
to be installed setuid."
It turn out that the X.org server, versions 1.19.0 and after, contain an
easily exploitable privilege escalation vulnerability. Anybody who is
running a system that has X installed setuid root, and which has untrusted
users on it, will want to install the update. "X.Org recommends the
use of a display manager to start X sessions, which does not require Xorg
to be installed setuid."
