• @mvirts
    link
    English
    122 months ago

    Lol not even reading it because I’ve always assumed that if there’s an RCE on desktop it will inevitably lead to full system compromise.

    😅

    It’s trust all the way down.

  • Possibly linux
    link
    fedilink
    English
    122 months ago

    Is this news worthy? X is the classic example of how a code base becomes completely unmanageable

    • @[email protected]
      link
      fedilink
      English
      12 months ago

      Yeah the original x11 (x windowing system) has not been updated since 2012 (xorg in April 2024) it makes sense

  • @[email protected]
    link
    fedilink
    English
    4
    edit-2
    2 months ago

    Considering x windowing system (the original x11) has not been updated since 2012 it makes sense (but xorg popular x11 Implementation was last updated in April 2024)

  • exu
    link
    fedilink
    English
    22 months ago

    I know Phoronix comments, but what’s up with the Linux Mint hate?

    • kamenLady.
      link
      English
      72 months ago

      Tbf, there’s 1 Mint comment and 1 reply to that comment.

  • @[email protected]
    link
    fedilink
    English
    -62 months ago

    By providing a modified bitmap to the X.Org Server, a heap-based buffer overflow privilege escalation can occur.

    Maybe we should stop writing security critical software in memory unsafe languages. I now this vulnerability was introduced a long time ago, but given that major Wayland compositors are still written in C, something like this isn’t too unlikely to happen again.

    • @[email protected]
      link
      fedilink
      English
      212 months ago

      Let’s re-write all currently existing software in Rust, then there will be no more security holes, and every computer will be safe forever.

    • @leo85811nardo
      link
      English
      122 months ago

      Wait till bro find out the program written in the “memory safe language” depends on many libraries written in C

      • 2xsaiko
        link
        fedilink
        English
        12 months ago

        Everyone knows. There’s nothing to “find out”.

    • @woelkchen
      link
      English
      42 months ago

      major Wayland compositors are still written in C

      KWin is written in C++ but yes, it’s not a “safe” language.

      something like this isn’t too unlikely to happen again.

      With at least three mainstream implementations – KWin, Mutter, and wlroots – it’s highly unlikely that all would ever be equally affected by one bug.