+1 SELinux and policy rules. I open this. I don't start an "'wich hunting" on specific topics.
I think the problem is still in working with SETID and SELinux rules. ( this is not the only way to solve the https://fedoraproject.org/wiki/Features/RemoveSETUID) Will be great if we know how applications involve this issues versus collateral development teams and fix under SELinux policies. On Fri, Nov 2, 2018 at 8:53 AM Raphael Groner <raph...@fedoraproject.org> wrote: > > On Thu, Nov 01, 2018 at 04:33:21PM -0400, Adam Jackson wrote: > > > > If I understand this CVE correctly, it doesn't matter what X server is > > running (if any at all). Do matter what setuid-root Xorg binary is > > installed (or not). > > +1 > SELinux should block such kind of attacks. > _______________________________________________ > devel mailing list -- devel@lists.fedoraproject.org > To unsubscribe send an email to devel-le...@lists.fedoraproject.org > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org >
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
