Good to know.
I don't know all about of these problems (setuid and protect with SELinux - can de an good idea ).
I used F28, I think also is not fixed with F29.
$ ls -l /usr/libexec/Xorg.wrap
-rwsr-xr-x. 1 root root 11376 Apr 23 2018 /usr/libexec/Xorg.wrap
On Thu, Nov 1, 2018 at 5:44 PM Chris Adams <linux@xxxxxxxxxxx> wrote:
Once upon a time, Cătălin George Feștilă <catalinfest@xxxxxxxxx> said:
> Thank you!
>
> On Thu, Nov 1, 2018 at 4:38 PM Reindl Harald <h.reindl@xxxxxxxxxxxxx> wrote:
>
> >
> >
> > Am 01.11.18 um 15:33 schrieb Cătălin George Feștilă:
> > > https://www.securepatterns.com/2018/10/cve-2018-14665-xorg-x-server.html
> >
> > https://fedoraproject.org/wiki/Features/RemoveSETUID
> > Targeted release: Fedora 15
> >
> > ls -la /usr/bin/Xorg
> > -rwxr-xr-x 1 root root 273 2018-04-23 20:16 /usr/bin/Xorg
That means nothing... that's just a shell script that calls:
$ ls -l /usr/libexec/Xorg.wrap
-rwsr-xr-x. 1 root root 11376 Apr 12 2018 /usr/libexec/Xorg.wrap
which is where the problem lies. I think SELinux should help (because
it should stop writes to lots of things), but I haven't seen a bug or
statement from Fedora about vulnerability.
--
Chris Adams <linux@xxxxxxxxxxx>
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
