On Thu, Nov 01, 2018 at 04:33:21PM -0400, Adam Jackson wrote:
On Thu, 2018-11-01 at 13:08 -0500, Chris Adams wrote:
> Once upon a time, Jiri Eischmann <eischmann(a)redhat.com> said:
> > I wonder if Fedora has even been affected. I was not able to reproduce
> > the exploit on Fedora 29 Workstation (with Xorg older than the one
> > fixing the issue).
>
> IIRC F29 Workstation uses Wayland, not X, right?
The thing driving the display [1] is a wayland server named gnome-
shell. Due to accident of implementation there is also an X server
named Xwayland running as well. This CVE affects the X server named
Xorg.
If I understand this CVE correctly, it doesn't matter what X server is
running (if any at all). Do matter what setuid-root Xorg binary is
installed (or not).
--
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?