Kees Cook found a bug in the libX11 Xinput module in the way it handles certain file descriptors. This could allow a local user to gain access to files owned by the utmp user which they normally should not have access to.j
https://bugs.freedesktop.org/show_bug.cgi?id=8699 fix: https://bugs.freedesktop.org/attachment.cgi?id=7459
According to bug 216413 this has been fixed in RHEL 5 beta. Is there a chance it will be available for FC too? I have some users here who get bitten by this. On some web sites, Flash sites probably, it appears that one descriptor is leaked per mouse click or something like that. After one thousand clicks Firefox doesn't respond any more, or crashes outright. The users have been less than happy, since they were "almost done". I hoped for an upgrade from the distribution, so I didn't have to rebuild myself. Can I expect one, or should I do my own rebuild?
libX11-1.0.3-6.fc6 and -1.0.3-7.fc7 have the fix. The former is on its way to updates now.