Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 19 May 2013, 18:24
All times are UTC - 4

 Forum index » Off-Topic Area » Security
Xorg security issue permissions?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [3 Posts]  
Author Message
nooby

Joined: 29 Jun 2008
Posts: 9385
Location: SwedenEurope
PostPosted: Tue 01 Nov 2011, 14:33    Post subject:  Xorg security issue permissions?  
I know too little. Read this one and try to get what it is all about.

http://www.pacman.linuxd.org/
Quote:

These days were discovered two big security issues in X.org
witch is common almost in all distributions witch are focused
on desktop usage.

User can set up permissions of any file or directory
to "all read" attributes, witch is a reall issue.

So all users should upgrade to latest packages (our rc.updater
will handle this it is not disabled.

But this is also very important step in any other distribution,
so if you are affected you should upgrade at least xorg server
and libXfont. Author: tomo ,
2011-10-23


So what is it he says? I am a noob but he do say it is important.
Does it affect Puppy?
_________________

I'm a noob so I use Google Search of Puppy Forum
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 9385
Location: SwedenEurope
PostPosted: Wed 02 Nov 2011, 08:51    Post subject:  
is not this a concern for Puppy?
_________________

I'm a noob so I use Google Search of Puppy Forum
Back to top
View user's profile Send private message 
Karl Godt


Joined: 20 Jun 2010
Posts: 2675
Location: Kiel,Germany
PostPosted: Wed 02 Nov 2011, 11:28    Post subject:  
I know too little , too .

The only thing i know , that i had Xorg xserver-1.3.0 [re-]compiled to test the many alternative kdrives , which includes the Xvesa and Xvb srerver .

The xwin scripts mentions some more , some i have never had known before , me thinking very old [ pre 2005 or pre Puppy 4 series in this case ] .

Any user can set permissions to whatever value with sudo and su root .

Reading anything does not seem to be a major security risk in comparison to stability of the OperatingSystem .

Reading the keystrokes if some [pinstall.sh to /etc/rc.d/local]
program lauches the evbug.ko driver for example and submiting them via the browser somewhere
may be meant by the author .

The puppy standard kernel :
# grep -i evbug /etc/modules/*
/etc/modules/DOTconfig-2.6.39.4:# CONFIG_INPUT_EVBUG is not set

has evbug not enabled , but there may be some Xorg drivers like
/usr[/X11R7]/lib/xorg/modules/input/evdev_drv.so
being capable of this .

I am running my own Xvesa-1.3.0 @Racy-099 ATM and am happy with Xvesa, too .
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 1 [3 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 0.0442s ][ Queries: 12 (0.0061s) ][ GZIP on ]