Announcement

Collapse
No announcement yet.

Another X.Org Security Advisory Disclosed Today

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Another X.Org Security Advisory Disclosed Today

    Phoronix: Another X.Org Security Advisory Disclosed Today

    Security researcher Ilja van Sprundel previously characterized the X.Org security scene as being a disaster. This researcher at IOActive has previously reported a large number of X.Org security issues and today is yet another advisory thanks to Ilja...

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    X.org is useless complex old platform which penalizes Linux systems, it has to be abandoned replaced by wayland.

    Comment


    • #3
      It is absurd that X.Org Server still runs as root.

      Hope to see more old cruft gets burned by fire in the next X.Org release.

      Comment


      • #4
        Originally posted by uid313 View Post
        It is absurd that X.Org Server still runs as root.

        Hope to see more old cruft gets burned by fire in the next X.Org release.
        Runs as user if using logind (at least on Fedora, idk if those patches got propagated out to other distros) and the open source drivers. If you don't use a login manager you can run xorg as user without logind if your user is in the input group and you start xorg via "startx"
        All opinions are my own not those of my employer if you know who they are.

        Comment


        • #5

          Comment


          • #6
            Originally posted by uid313 View Post
            It is absurd that X.Org Server still runs as root.

            Hope to see more old cruft gets burned by fire in the next X.Org release.
            X does not have to run as root ever since DRM got into the kernel

            @ Azrael5; not yet, on desktop that is

            Comment


            • #7
              Good catch Ilja

              I nearly forget this is about security fix while reading comments

              Comment


              • #8
                Originally posted by Azrael5 View Post
                X.org is useless complex old platform which penalizes Linux systems, it has to be abandoned replaced by wayland.
                All software written in C including Wayland can have security bugs like buffer overflows.

                Comment


                • #9
                  Originally posted by JS987 View Post
                  All software written in C including Wayland can have security bugs like buffer overflows.
                  But only old software can have old bugs.

                  And it is usually easier to audit and review fresh code than old code.

                  Comment


                  • #10
                    Originally posted by JS987 View Post
                    All software written in C including Wayland can have security bugs like buffer overflows.
                    Maybe they should rewrite Wayland in Rust then...

                    Comment

                    Working...
                    X