Discussion:
[Xquartz-dev] x.org hole
nicolas bats
2018-10-26 02:31:27 UTC
Permalink
Hi,
https://lists.x.org/archives/xorg-announce/2018-October/002927.html

are we impacted by this?
best regards,
Nicolas
Ken Thomases
2018-10-26 04:20:30 UTC
Permalink
Hi,
https://lists.x.org/archives/xorg-announce/2018-October/002927.html <https://lists.x.org/archives/xorg-announce/2018-October/002927.html>
are we impacted by this?
No, unless you're doing something very odd.

The vulnerability only affects systems where the X server is configured so that it has root privileges even when run by a non-privileged user. XQuartz is not normally configured that way, or with any unusual privileges. It just runs in your normal user account with your normal privileges.

Regards,
Ken

Loading...