Originally posted by Myownfriend
Let's check your directory:
1. https://medium.com/geekculture/explo...s-cc0e2184cece - everything under it seemingly requires local access at which point you're f-ed regardless. Secondly, the TCP feature of X.org has never been enabled by default. IOW, this wonderful article affects those who already got owned. What a vulnerability. Oh, in the end it's talking about modifying the lightdm.conf file which is only possible for the root user. Are you trying to imply X.org is insecure because the root user can set it up insecurely? Woooooooooooooooow. A ton of Linux daemons and application servers can be misconfigured to allow to hack into the system effortlessly.
2. https://www.rapid7.com/db/modules/ex...keyboard_exec/ - Absolutely no info given about it aside from "This module exploits open X11 servers by connecting and registering a virtual keyboard" - so, again the X11 server needs to be manually misconfigured, right?
3. https://www.rapid7.com/db/modules/ex...rg_x11_server/ - "A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and run arbitrary code under root privileges" - has nothing to do with the X11 protocol or inherent Xorg insecurity, and it only affected OpenBSD, AIX 7.1/7.2. Already fixed.
4. https://www.rapid7.com/db/?q=x11&type=&page=1 - a great catalogue of already fixed vulnerabilities. Yes, X.org is a very complex piece of code, yes, Xorg runs under the root user, so it has a very large attack surface considering the sheer amount of interfaces it has to interact with the user.
So, what do we have in the end?
The X11/Xorg server has seen over 800 vulnerabilities according to rapid7.com, a large number of them are down to it running under the root user, which Wayland solves automatically. I will not argue, doubt or question that. However, you heavily implied that Xorg is insecure by default even with all the vulnerabilities fixed, which you have never demonstrated. I'm glad you're capable of proving that Earth is not flat, but you've failed miserably at proving that Xorg is insecure by definition. It's simply false.
Here's my last argument, quite a serious one.
https://www.helpnetsecurity.com/2021...ise-linux-8-1/
https://www.dbta.com/Editorial/News-...-8-148562.aspx
You don't get it for broken insecure pieces of code. Redhat must have bribed someone, right?
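An added defensive audit helper (written for this editorial pass, not code from the thread, from X.org or from rapid7) that checks the two exposure conditions the post discusses: an X server reachable over TCP, which is never the default, and a setuid-root Xorg binary, which is what turns an option-handling flaw into a local privilege escalation. It assumes Linux with `ss` and GNU `stat`; the `ss -ltn` output below is constructed sample data.

```shell
# Assumptions (not from the thread): Linux with `ss` and GNU `stat`; the Xorg
# binary is located with `command -v Xorg`.

# Read `ss -ltn` output on stdin; print local addresses bound to the X11
# display ports 6000-6063 (displays :0 to :63). Exit 0 if any, else 1.
x11_tcp_listeners() {
    awk 'NR > 1 {
            n = split($4, p, ":"); port = p[n] + 0
            if (port >= 6000 && port <= 6063) { print $4; found = 1 }
         }
         END { exit found ? 0 : 1 }'
}

# Classify an Xorg command line: TCP explicitly disabled, explicitly enabled,
# or left at whatever the distribution's build default is.
xorg_cmdline_tcp_state() {
    case " $1 " in
        *" -nolisten tcp "*) echo "tcp-disabled" ;;
        *" -listen tcp "*)   echo "tcp-enabled" ;;
        *)                   echo "default" ;;
    esac
}

# True when the file has the setuid bit and is owned by uid 0, the condition
# under which a flaw in Xorg's option handling matters to unprivileged users.
is_setuid_root() {
    [ -u "$1" ] && [ "$(stat -c %u "$1" 2>/dev/null)" = "0" ]
}

# Live check for a real host (defined here, not run by the demonstration).
audit_live() {
    if ss -ltn 2>/dev/null | x11_tcp_listeners; then
        echo "WARNING: X server reachable over TCP"
    fi
    xorg=$(command -v Xorg 2>/dev/null) || return 0
    is_setuid_root "$xorg" && echo "NOTE: $xorg is setuid root; keep it patched"
    return 0
}

# Constructed sample of `ss -ltn` output for the offline demonstration.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    0.0.0.0:6000       0.0.0.0:*
LISTEN 0      128    [::]:6001          [::]:*'

printf '%s\n' "$SAMPLE_SS" | x11_tcp_listeners   # prints 0.0.0.0:6000 and [::]:6001
xorg_cmdline_tcp_state "/usr/lib/Xorg :0 -nolisten tcp -auth /tmp/x"   # tcp-disabled
```

On a real host, call `audit_live`; the sample run above only exercises the parsers.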