https://bugzilla.novell.com/show_bug.cgi?id=632737 https://bugzilla.novell.com/show_bug.cgi?id=632737#c6 --- Comment #6 from Egbert Eich <eich@novell.com> 2010-08-19 15:22:52 UTC --- I wonder why comments here are set private. This is an openSUSE bug and private comments should not exist there. This is different if a specific security issue is discussed here however we discuss possible security breach scenarios. This knowledge is public although the general public may not be aware of those while every serious attacker is. Thus making this discussion public can only serve to educate more people on the risks. My comment (#2) was accidentally set private because for some strange reason the 'restrict' mark is set by default for me and I forgot to unset it before I committed the comment and for some other odd reason did unsetting the private bit fail. Now to the issue at stake: I expect to see numerous bug reports when people suddenly cannot run startx any more as modifying /etc/permissions.local is not the first thing which comes to their mind. Thus if we want to do this change I strongly recommend to extend the startx script to test if the user running it is not root and if so fail with a message educating him why the change was made and what exactly to do to make startx work again for him. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.