https://bugzilla.novell.com/show_bug.cgi?id=632737
https://bugzilla.novell.com/show_bug.cgi?id=632737#c19
Karl Eichwalder changed:
What |Removed |Added
----------------------------------------------------------------------------
Blocks| |683822
Depends on|683822 |
--- Comment #19 from Karl Eichwalder 2011-03-31 11:44:40 UTC ---
<!-- bnc#632737 -->
With small wording changes, now in svn:
<sect3 id="tec.xorg-setUID" status="2011-03-31">
<title>Removing the Xorg setUID Bit</title>
<para>
The setUID bit on <filename>/usr/bin/Xorg</filename> is needed for starting X
as an unprivileged user, e.g., via <command>startx</command>. This method is
deprecated in favor of using a display manager since years. Additionally,
modern environments rely on device ACLs and polkit privileges, which in turn
depend on consolekit tracking the active console.</para>
<para>
The actual security problem was fixed in the kernel. Removing the
setUID bit is a preventive measurement against potential similar
problems in the future.
</para>
<para>
Users who depend on the old configuration, can set the setUID bit themself
in <filename>/etc/permissions.local</filename> by removing the comment sign
from the
following line:</para>
<screen>#/usr/bin/Xorg root:root 4711</screen>
<para>
and running <command>SuSEconfig --module permissions</command>
afterwards.</para>
</sect3>
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.