Red Hat Bugzilla – Bug 130769
X sockets insecure file permissions
Last modified: 2007-11-30 17:10:47 EST
There exists an insecure file permissions flaw in the Xorg server
for RHEL2.1 and RHEL3. When the X server starts, a socket is created
in /tmp/.X11-unix. The permissions of this file are drwxrwxrwx.
Additionally there are also directories for .font-unix, .ICE-unix
which need proper permissions set as well.
There is a patch for the xfs socket for FC in bug 129622.
This patch creates the xfs socket directory at boot time. We should
be doing that for all the socket directories.
At this point, it probably should just be moved to the filesystem package.
needs to be kept in sync with this one.
*** This bug has been marked as a duplicate of 130762 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.