Bug#677831: x11-common: please apply this 1 line patch for correct SE Linux labelling
Package: x11-common
Version: 1:7.7+7
Followup-For: Bug #677831
Hi,
Apparently the calls to the do_restorecon() function have been dropped
in the following commit:
commit 0418b8dd8fa6940285f7f6b71302655942c15fb7
Author: Julien Cristau <jcristau@debian.org>
Date: Fri Mar 2 21:57:56 2012 +0100
Be more careful before running chown/chmod in x11-common.init
Fix unsafe manipulation of /tmp/.X11-unix and /tmp/.ICE-unix in the x11-common
init script. A malicious user could trick us into changing
ownership/permissions of an arbitrary directory, and elevate their privileges
(closes: #661627). Reference: CVE-2012-1093.
I guess it was not intentional,
Cheers,
Laurent Bigonville
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.14-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_BE.utf8, LC_CTYPE=fr_BE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages x11-common depends on:
ii debconf [debconf-2.0] 1.5.53
ii lsb-base 4.1+Debian13
x11-common recommends no packages.
x11-common suggests no packages.
-- debconf information:
x11-common/xwrapper/actual_allowed_users: console
x11-common/xwrapper/allowed_users: Console Users Only
Reply to: