Announcement

Collapse
No announcement yet.

Another X.Org Security Advisory Disclosed Today

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • RahulSundaram
    replied
    Yep. If you are using a display manager, you will need to push upstreams to add support for it. GDM is further along than everyone else in this.
    Last edited by RahulSundaram; 19 March 2015, 09:36 AM.

    Leave a comment:


  • AnAkIn
    replied
    Originally posted by RahulSundaram View Post
    All the necessary patches have been pushed upstream by Fedora but your distribution has to setup some configuration for it to work out of the box. Ask them.
    There's still no support in lightdm and sddm:

    Leave a comment:


  • RahulSundaram
    replied
    Originally posted by steveriley View Post
    Still root here on Kubuntu 14.10:
    Code:
    steve@t520:~$ [B]ps -f -p $(pidof X)[/B]
    UID        PID  PPID  C STIME TTY          TIME CMD
    root      8749  1305  1 Mar16 tty7     00:42:25 /usr/bin/X :0 vt7 -br -nolisten tcp -auth /var/run/xauth/A:0-Al4k6a
    Intel graphics drivers; using systemd-logind.
    All the necessary patches have been pushed upstream by Fedora but your distribution has to setup some configuration for it to work out of the box. Ask them.

    Leave a comment:


  • steveriley
    replied
    Originally posted by Ericg View Post
    Runs as user if using logind (at least on Fedora, idk if those patches got propagated out to other distros) and the open source drivers.
    Still root here on Kubuntu 14.10:
    Code:
    steve@t520:~$ [B]ps -f -p $(pidof X)[/B]
    UID        PID  PPID  C STIME TTY          TIME CMD
    root      8749  1305  1 Mar16 tty7     00:42:25 /usr/bin/X :0 vt7 -br -nolisten tcp -auth /var/run/xauth/A:0-Al4k6a
    Intel graphics drivers; using systemd-logind.

    Leave a comment:


  • TheBlackCat
    replied
    Originally posted by gens View Post
    or java
    Or haskell.

    Leave a comment:


  • asdfblah
    replied
    Is anyone auditing Wayland / Weston / Mir for security vulnerabilities?

    Leave a comment:


  • uid313
    replied
    Originally posted by RahulSundaram View Post
    Not sure what that means. Wayland is just a protocol. Maybe you are referring to Weston? That doesn't affect other independent compositors.
    Well, maybe libwayland and the libraries, and yeah maybe Weston too.

    But I guess C makes sense for the reference implementation.

    Leave a comment:


  • RahulSundaram
    replied
    Originally posted by uid313 View Post
    Maybe they should rewrite Wayland in Rust then...
    Not sure what that means. Wayland is just a protocol. Maybe you are referring to Weston? That doesn't affect other independent compositors.

    Leave a comment:


  • uid313
    replied
    Originally posted by gens View Post
    or java
    Java is heavy and has overhead.
    Java may be good for application software, but perhaps not so much for system software.

    Originally posted by Ericg View Post
    I know you say that sarcastically uid, but i really do hope that eventually C and C++ can be phased out for Rust or a Rust-Like language where its memory-safe. Its not that programmers don't know what they are doing or are bad, its not that at all, but accidents and bugs do happen and if we can negate some of them before they ever even occur then all the more power to us.
    No, I wasn't being sarcastic.
    I was being serious.

    It is very difficult to to code proper and safe in C and takes a lot of knowledge, a lot of effort, a lot of time, and it is so easy to shoot yourself in the foot.
    Even when inspecting the code, it is very difficult to spot bugs.

    Rust is very robust and safe and brings many advantages over C. It also low level and fast and as far as I know does not bring disadvantages.

    Perhaps Rust could take over as the natural successor to C.

    Leave a comment:


  • Ericg
    replied
    Originally posted by uid313 View Post
    Maybe they should rewrite Wayland in Rust then...
    I know you say that sarcastically uid, but i really do hope that eventually C and C++ can be phased out for Rust or a Rust-Like language where its memory-safe. Its not that programmers don't know what they are doing or are bad, its not that at all, but accidents and bugs do happen and if we can negate some of them before they ever even occur then all the more power to us.

    Leave a comment:

Working...
X