![[LWN Logo]](/images/lcorner.png)
![[Timeline]](/images/Included.png)
|
|
|
|
Date: Tue, 3 Oct 2000 11:14:13 +1100 Subject: Local vulnerability in XFCE 3.5.1 To: BUGTRAQ@SECURITYFOCUS.COM Problem: XFCE 3.5.1 ships with the following entry in /etc/X11/xfce/xinitrc: xhost +$HOSTNAME If a person is using this on a multiuser system, all local users may connect to their X session and capture keystrokes, etc. Fix: Upgrade to XFCE 3.5.2. The offending line has been commented out. Cheers, Nick