Package: xserver-xorg-core Version: 2:1.7.7-7 Severity: important As discussed with KiBi, there is a fairly important security issue with the X server in squeeze.
Start a X or Xephyr server, with no -auth argument. It will accept all clients without a question. With -auth blahblah, as gdm does, it will, as expected, accept only authenticated connections. The version in lenny behaves as expected and just refuses all connections unless passed -ac. -- .''`. Josselin Mouette : :' : `. `' “If you behave this way because you are blackmailed by someone, `- […] I will see what I can do for you.” -- Jörg Schilling -- To UNSUBSCRIBE, email to debian-x-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101030144315.ga14...@saya.malsain.org
