Skip to content
GitLab
Commit 50c0cf88 authored by Matthieu Herrb's avatar Matthieu Herrb Committed by Adam Jackson
Browse files

Disable -logfile and -modulepath when running with elevated privileges 



Could cause privilege elevation and/or arbitrary files overwrite, when
the X server is running with elevated privileges (ie when Xorg is
installed with the setuid bit set and started by a non-root user).

CVE-2018-14665

Issue reported by Narendra Shinde and Red Hat.

Signed-off-by: Matthieu Herrb's avatarMatthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith's avatarAlan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer's avatarPeter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Adam Jackson's avatarAdam Jackson <ajax@redhat.com>
parent 08ff37d0
Hide whitespace changes
Inline Side-by-side
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment