https://bugzilla.novell.com/show_bug.cgi?id=632737 https://bugzilla.novell.com/show_bug.cgi?id=632737#c17 --- Comment #17 from Ludwig Nussel <lnussel@novell.com> 2011-03-31 08:13:14 CEST --- (In reply to comment #16)
No setuid bit also prevents exploitation of the kernel-heap-stack overflow problem via X as X cannot be started in a user controlled environment anymore. Therefore we removed the setuid bit on Xorg from /etc/permissions.easy.
The actual security problem was fixed in the kernel. Removing the setuid bit is a preventive measurement against potential similar problems in the future.
Users who actually need it, can set it again in /etc/permissions.local by removing the comment sign from this line:
#/usr/bin/Xorg root:root 4711
and running SuSEconfig afterwards.
SuSEconfig --module permissions, SuSEconfig alone does not set permissions anymore. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.