On Tue, Apr 17, 2001 at 04:36:58PM +0200, Bernd Eckenfels wrote: > On Tue, Apr 17, 2001 at 12:35:16PM +0400, Ilya Martynov wrote: > > xdm is started from init scripts, suid X server started by user. > > In fisrt case program is started in relatively safe environment, in > > second case environment can be very hostile. > > Actually the /usr/bin/X Program is a wrapper and not a X Server. xdm had > some (remote) exploits, so I would not consider it equally safe to > X-Wrapper. xdm doesn't listen on TCP ports by default anymore, so this is somewhat mitigated.. -- G. Branden Robinson | It's not a matter of alienating authors. Debian GNU/Linux | They have every right to license their branden@debian.org | software however we like. http://www.debian.org/~branden/ | -- Craig Sanders, in debian-devel
Attachment:
pgpv00OkNSmMG.pgp
Description: PGP signature