cvs commit: ports/audio/arts Makefile
Dag-ErlingSmørgrav
des at des.no
Tue Mar 2 11:52:26 PST 2004
Peter Schultz <pmes at bis.midco.net> writes:
> I've always assumed XFree86 to be inherently insecure. I just found
> these SUID files outside base on my machine:
>
> /usr/X11R6/bin/xterm
needs setuid to record sessions in utmp / wtmp / lastlog.
> /usr/X11R6/bin/xscreensaver
needs setuid to verify your password when you unlock.
> /usr/X11R6/bin/Xwrapper-4
'pkg_delete -r wrapper-\*' (unless you absolutely must use startx)
> /usr/X11R6/libexec/gnome-pty-helper
probably needs setuid for the same reason as xterm.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the cvs-ports
mailing list