Re: X server security problem
> Recently a security problem which allows any user to overwrite any file
> was pointed out in the linux-security mailing list. This problem is
> caused partly by the X servers being installed SUID root.
> The a.out versions of the Debian X server packages (currently in the
> 'stable' tree on ftp.debian.org) have this problem. I recommend that you
> remove the SUID bit on the server by doing the following:
> chmod u-s /usr/X11R6/bin/XF86_*
[ Klippa, klapp, kluppit ]
> Steve Early
Hmm. I did "chmod u-s /usr/X11R6/bin/XF86_S3", then when I tried to run
"startx" (as myself, not root) it said the server had to be suid root.
So either I don't run X or I have this security problem.
Does anybody have an idea when the server packages will be updated?