Bug 130769 - X sockets insecure file permissions
Summary: X sockets insecure file permissions
Keywords:
Status: CLOSED DUPLICATE of bug 130762
Alias: None
Product: Fedora
Classification: Fedora
Component: xorg-x11
Version: 2
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: X/OpenGL Maintenance List
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2004-08-24 15:30 UTC by Josh Bressers
Modified: 2007-11-30 22:10 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-02-21 19:05:14 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Josh Bressers 2004-08-24 15:30:02 UTC 
There exists an insecure file permissions flaw in the Xorg server
for RHEL2.1 and RHEL3.  When the X server starts, a socket is created
in /tmp/.X11-unix.  The permissions of this file are drwxrwxrwx.

Additionally there are also directories for .font-unix, .ICE-unix
which need proper permissions set as well.

There is a patch for the xfs socket for FC in bug 129622.

This patch creates the xfs socket directory at boot time.  We should
be doing that for all the socket directories.
Comment 1 Bill Nottingham 2004-08-24 15:32:41 UTC 
At this point, it probably should just be moved to the filesystem package.
Comment 2 Mike A. Harris 2004-09-21 05:30:07 UTC 
Bug https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=130762
needs to be kept in sync with this one.
Comment 4 Mike A. Harris 2004-09-24 06:37:57 UTC 

*** This bug has been marked as a duplicate of 130762 ***
Comment 5 Red Hat Bugzilla 2006-02-21 19:05:14 UTC 
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.
Note You need to log in before you can comment on or make changes to this bug.