[Xquartz-dev] x.org hole
Ken Thomases
ken at codeweavers.com
Thu Oct 25 21:20:30 PDT 2018
On Oct 25, 2018, at 9:31 PM, nicolas bats <sl1200mk2 at gmail.com> wrote:
>
> Hi,
> https://lists.x.org/archives/xorg-announce/2018-October/002927.html <https://lists.x.org/archives/xorg-announce/2018-October/002927.html>
>
> are we impacted by this?
No, unless you're doing something very odd.
The vulnerability only affects systems where the X server is configured so that it has root privileges even when run by a non-privileged user. XQuartz is not normally configured that way, or with any unusual privileges. It just runs in your normal user account with your normal privileges.
Regards,
Ken
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/xquartz-dev/attachments/20181025/79167a0b/attachment.html>
More information about the Xquartz-dev
mailing list