Displaying 1 result from an estimated 1 matches for "xf86_".
Did you mean:
x86_
1998 Feb 03
0
serious security problem in XKB
The Neverending Story of X11 Insecurity continues...
Summary:
On a system where X11R6.3-based Xserver with XKEYBOARD extension (R6.1 is
probably affected too) is run in setuid or setgid enviroment (e.g. typical
XFree86 installation has XF86_* installed setuid root), local users can
exploit a "feature" of XKB implementation to execute arbitrary commands
with the extra privileges.
Quick vulnerability check:
$ Xserver -xkbdir ''id > /tmp/I_WAS_HERE;''
[exit X server]
$ grep root /tmp/I_WAS_HERE && e...