Tobias, thanks for the report; after discussion we've decided to not handle this as a security vulnerability. Mixing root and not-root applications in one X11 session is a bad idea and this is further demonstration of the known issues.
It might still be worth reporting upstream -- the Nautilus developers may wish to have the program close when the last window is closed, or perhaps print a warning if they can determine that it is being run via sudo / su / gksu etc. Thanks ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to nautilus in Ubuntu. https://bugs.launchpad.net/bugs/1549901 Title: Force quitting Nautilus may give root access To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nautilus/+bug/1549901/+subscriptions -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
