Am Mittwoch, 22. Februar 2017, 22:01:01 schrieb Martin Gräßlin: > The attack surface is exactly the same as any other X application. It's > X itself which will make this exploitable.
Yes, obviously, and that's clear to me too. I won't comment on the rest, because it's not specific to kfloppy as you write yourself. Just this: > I answered nevertheless, because I think it's important for all devs to > understand that connecting to X11 as root means a risk to their users > and that there is nothing their application can do to protect against > it. Ok, fine with me that you wrote that again. And important too, I agree. Although, I have to say that I somehow felt a bit like being "witch-hunted" for even thinking about that. But let's stop here, I'll try to forget that... ;-) Kind Regards, Wolfgang