Hi, https://lists.x.org/archives/xorg-announce/2018-October/002927.html are we impacted by this? best regards, Nicolas
On Oct 25, 2018, at 9:31 PM, nicolas bats <sl1200mk2@gmail.com> wrote:
Hi, https://lists.x.org/archives/xorg-announce/2018-October/002927.html <https://lists.x.org/archives/xorg-announce/2018-October/002927.html>
are we impacted by this?
No, unless you're doing something very odd. The vulnerability only affects systems where the X server is configured so that it has root privileges even when run by a non-privileged user. XQuartz is not normally configured that way, or with any unusual privileges. It just runs in your normal user account with your normal privileges. Regards, Ken
ok Ken, thank you for your answer. I'm not doing odd things with XQuartz :) best regards, Nicolas Le ven. 26 oct. 2018 à 06:21, Ken Thomases <ken@codeweavers.com> a écrit :
On Oct 25, 2018, at 9:31 PM, nicolas bats <sl1200mk2@gmail.com> wrote:
Hi, https://lists.x.org/archives/xorg-announce/2018-October/002927.html
are we impacted by this?
No, unless you're doing something very odd.
The vulnerability only affects systems where the X server is configured so that it has root privileges even when run by a non-privileged user. XQuartz is not normally configured that way, or with any unusual privileges. It just runs in your normal user account with your normal privileges.
Regards, Ken
_______________________________________________ Xquartz-dev mailing list Xquartz-dev@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/xquartz-dev
participants (2)
-
Ken Thomases
-
nicolas bats