--- Comment #18 from Karl Eichwalder email@example.com 2011-03-31 07:11:13 UTC --- Thanks for feedback. Next try:
Removing the Xorg setUID Bit ============================ The setuid bit on /usr/bin/Xorg is needed for starting X as unprivileged user, e.g. via startx. That method is deprecated in favor of a display manager since years. Additionally modern environments rely on device ACLs and polkit privileges, which in turn depend on consolekit tracking the active console.
The actual security problem was fixed in the kernel. Removing the setuid bit is a preventive measurement against potential similar problems in the future.
Users who depend on the old configuration, can set the setuid again in /etc/permissions.local by removing the comment sign from the following line:
#/usr/bin/Xorg root:root 4711
and running 'SuSEconfig --module permissions' afterwards.