
X server security problem



Recently a security problem which allows any user to overwrite any file 
was pointed out in the linux-security mailing list. This problem is 
caused partly by the X servers being installed SUID root.

The a.out versions of the Debian X server packages (currently in the 
'stable' tree on ftp.debian.org) have this problem.  I recommend that you 
remove the SUID bit on the server by doing the following:

chmod u-s /usr/X11R6/bin/XF86_*

The a.out versions of the Debian X packages are built from binaries 
released by the XFree86 project.  Fixed server packages should appear as 
soon as they release their fixed version.

The ELF versions of the Debian X server packages are not installed SUID
root. Instead a small SUID wrapper program (/usr/X11R6/bin/X, part of the
xbase package) is used, which reads /etc/X11/Xserver to find out which X
server to run and who is allowed to run it. This file consists of two
lines; the first is the full path of the X server, and the second contains
the word 'RootOnly', 'Console' or 'Anybody'. 

If you have the ELF versions of the X packages then I recommend that you 
change the second line of /etc/X11/Xserver to read 'RootOnly' until I 
release new versions of the server packages with the security problem fixed.

Steve Early
sde1000@cam.ac.uk
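As an added example, not part of Steve Early's message and not the code of Debian's xbase wrapper, the shell functions below put the two recommendations above into checkable form. `drop_setuid_servers` applies the a.out mitigation (the `chmod u-s` on the XF86_* servers) and then verifies that no server is still SUID; `xserver_policy` reconstructs the decision the ELF wrapper is described as making from the two-line /etc/X11/Xserver format (server path, then RootOnly, Console or Anybody). The function names are hypothetical, and several details are assumptions because the message does not state them: root is always permitted, "Console" is taken to mean a controlling terminal that is a Linux virtual console (/dev/ttyN), and a world-writable config file or a relative server path is refused, since a SUID wrapper that trusted either could be pointed at any binary by any user.

```shell
#!/bin/sh
# Added example, not code from Steve Early's message or from the Debian xbase
# wrapper. Two checks for the situation the message describes.
#
#   drop_setuid_servers DIR
#       The a.out mitigation: clear the SUID bit on every XF86_* server
#       under DIR (the message's "chmod u-s /usr/X11R6/bin/XF86_*"), then
#       verify that none is still SUID. Returns 0 only if the check passes.
#
#   xserver_policy FILE UID TTY
#       The ELF wrapper's decision, reconstructed from the two-line format
#       given in the message: line 1 = server path, line 2 = RootOnly,
#       Console or Anybody. Prints the server path and returns 0 if a caller
#       with numeric uid UID on terminal TTY may run it, 1 if refused, 2 if
#       FILE is unusable. Assumptions not stated in the message: root is
#       always allowed, "Console" means a Linux virtual console /dev/ttyN,
#       and a world-writable FILE or a relative server path is rejected.

drop_setuid_servers() {
    dir="$1"
    # Only touch files that actually carry the bit, so the run is idempotent.
    find "$dir" -maxdepth 1 -type f -name 'XF86_*' -perm -4000 \
        -exec chmod u-s {} +
    # Independent re-check: any XF86_* server still SUID is a failure.
    remaining=$(find "$dir" -maxdepth 1 -type f -name 'XF86_*' -perm -4000 \
                | wc -l | tr -d ' ')
    [ "$remaining" -eq 0 ]
}

xserver_policy() {
    file="$1"; uid="$2"; tty="$3"

    # A SUID wrapper must not trust a config file that others can edit:
    # require a regular, non-symlink, non-world-writable file (on a real
    # system ownership by root should be checked as well).
    [ -f "$file" ] && [ ! -L "$file" ] || return 2
    [ -z "$(find "$file" -perm -002)" ] || return 2

    server=$(sed -n '1p' "$file")
    policy=$(sed -n '2p' "$file")

    # Line 1 must be an absolute path; anything else could resolve relative
    # to the caller's working directory.
    case "$server" in
        /*) ;;
        *)  return 2 ;;
    esac

    case "$policy" in
        RootOnly)
            [ "$uid" -eq 0 ] || return 1 ;;
        Console)
            if [ "$uid" -ne 0 ]; then
                case "$tty" in
                    /dev/tty[0-9]*) ;;          # assumed console test
                    *)              return 1 ;;
                esac
            fi ;;
        Anybody) ;;
        *)  return 2 ;;
    esac

    printf '%s\n' "$server"
}

# Typical use on a live system (assumed paths):
#   drop_setuid_servers /usr/X11R6/bin
#   xserver_policy /etc/X11/Xserver "$(id -u)" "$(tty)"
```

The second function is deliberately strict in the unusual cases: an unknown policy word, a relative server path, or a config file that anyone can write all cause a refusal rather than falling through to "Anybody", which is the failure mode that matters for a program that runs as root.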
