After kde starts, the file /tmp/.X11-unix/X0 is created and assigned
to the kde user with world rw privileges.
This vulnerability can be removed by executing
chmod 700 /tmp/.X11-unix/X0
in a konsole session immediately after kde initializes.
Also, kde does not chown /dev/[tp]typ* files when they
are allocated to users for kde processes. The result is that
these devices are also world rw. This condition can be fixed
by using chown and chmod commands on those devices.
Dave Feustel
--
Lose, v., experience a loss, get rid of, "lose the weight"
Loose, adj., not tight, let go, free, "loose clothing"
