Am 2017-02-22 23:20, schrieb Wolfgang Bauer:
Am Mittwoch, 22. Februar 2017, 22:01:01 schrieb Martin Gräßlin:
The attack surface is exactly the same as any other X application.
It's
X itself which will make this exploitable.
Yes, obviously, and that's clear to me too.
I won't comment on the rest, because it's not specific to kfloppy as
you write
yourself.
Just this:
I answered nevertheless, because I think it's important for all devs
to
understand that connecting to X11 as root means a risk to their users
and that there is nothing their application can do to protect against
it.
Ok, fine with me that you wrote that again. And important too, I agree.
Although, I have to say that I somehow felt a bit like being
"witch-hunted"
for even thinking about that.
But let's stop here, I'll try to forget that... ;-)
Kind Regards,
Wolfgang
