From owner-cvs-all Sun Apr 30 10:58:45 2000
Delivered-To: cvs-all@freebsd.org
Received: from picnic.mat.net (picnic.mat.net [206.246.122.133])
	by hub.freebsd.org (Postfix) with ESMTP
	id B738737B7BD; Sun, 30 Apr 2000 10:58:31 -0700 (PDT)
	(envelope-from chuckr@picnic.mat.net)
Received: from localhost (chuckr@localhost [127.0.0.1])
	by picnic.mat.net (8.9.3/8.9.3) with ESMTP id NAA73663;
	Sun, 30 Apr 2000 13:58:30 -0400 (EDT)
	(envelope-from chuckr@picnic.mat.net)
Date: Sun, 30 Apr 2000 13:58:30 -0400 (EDT)
From: Chuck Robey
To: Kris Kennaway
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: ports/x11/XFree86-4 Makefile
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, 30 Apr 2000, Kris Kennaway wrote:

> On Sun, 30 Apr 2000, Kris Kennaway wrote:
>
> >   Modified files:
> >     x11/XFree86-4        Makefile
> >   Log:
> >   Mark FORBIDDEN due to the root hole in the X server reported on Bugtraq.
> >   I've tried *multiple* times to talk to an XFree86 developer about the
> >   problem, but they haven't deigned to respond to me.
>
> Probably the best thing we could do is to add back Xwrapper support to the
> port - for some reason which can only be described (a priori) as idiotic,
> the XFree86 guys decided to remove Xwrapper (which is what prevents
> XFree86-3.x from being vulnerable to this hole) and make the X server
> itself setuid root again.

I think that's going to have to be done; we CAN'T be without an X11 port,
too many things depend directly on X.  We can shout and howl, and do local
FreeBSD fixes, but X is too important to remove, don't you see?

>
> Kris
>
> ----
> In God we Trust -- all others must submit an X.509 certificate.
>     -- Charles Forsythe
>
>

----------------------------------------------------------------------------
Chuck Robey            | Interests include C & Java programming, FreeBSD,
chuckr@picnic.mat.net  | electronics, communications, and signal processing.

New Year's Resolution: I will not sphroxify gullible people into looking up
fictitious words in the dictionary.
----------------------------------------------------------------------------

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message