[580] in linux-security and linux-alert archive
Re: XFree86 3.1.2 Security Problems
daemon@ATHENA.MIT.EDU (David J Meltzer)
Mon Jan 29 11:47:15 1996
Date: Mon, 29 Jan 1996 00:55:56 -0500 (EST)
From: David J Meltzer <davem+@andrew.cmu.edu>
To: David Dawes <dawes@rf900.physics.usyd.edu.au>
Cc: bugtraq@crimelab.com, best-of-security@suburbia.net,
linux-alert@tarsier.cv.nrao.edu, linux-security@tarsier.cv.nrao.edu,
report@XFree86.org
In-Reply-To: <199601290540.QAA00748@rf900.physics.usyd.edu.au>
Excerpts from mail: 29-Jan-96 Re: XFree86 3.1.2 Security .. by David
Dawes@rf900.physic
> This is not true. The server sets its uid to the real-uid when reading
> the XF86Config file. For OSs that don't have saved IDs, it forks and
> the child sets its uid to the real uid before opening the file. It
> passes the data back to the parent. Also, the server only allows an
> arbitrary XF86Config file to be specified when started with real-uid 0.
You are right, my machine is sufficiently mangled that I inadvertantly
was running as root when I was testing that part. I apologize for the
inaccuracy.
(Moderators: feel free (encouraged) to kill the third paragraph of my
previous post as it is plain WRONG.)
[Mod: This will be corrected prior to the original message being
forwarded to linux-alert; I had already approved the message to
linux-security when I read this. --Jeff]
/-------------\
|David Meltzer|
|davem@cmu.edu|
/--------------------------\
|School of Computer Science|
|Carnegie Mellon University|
\--------------------------/
