• @mvirts
    link
    English
    44 hours ago

    Lol not even reading it because I’ve always assumed that if there’s an RCE on desktop it will inevitably lead to full system compromise.

    😅

    It’s trust all the way down.

  • Possibly linux
    link
    fedilink
    English
    67 hours ago

    Is this news worthy? X is the classic example of how a code base becomes completely unmanageable

  • @[email protected]
    link
    fedilink
    English
    -57 hours ago

    By providing a modified bitmap to the X.Org Server, a heap-based buffer overflow privilege escalation can occur.

    Maybe we should stop writing security critical software in memory unsafe languages. I now this vulnerability was introduced a long time ago, but given that major Wayland compositors are still written in C, something like this isn’t too unlikely to happen again.

    • @[email protected]
      link
      fedilink
      English
      157 hours ago

      Let’s re-write all currently existing software in Rust, then there will be no more security holes, and every computer will be safe forever.

    • @leo85811nardo
      link
      English
      86 hours ago

      Wait till bro find out the program written in the “memory safe language” depends on many libraries written in C

    • @woelkchen
      link
      English
      46 hours ago

      major Wayland compositors are still written in C

      KWin is written in C++ but yes, it’s not a “safe” language.

      something like this isn’t too unlikely to happen again.

      With at least three mainstream implementations – KWin, Mutter, and wlroots – it’s highly unlikely that all would ever be equally affected by one bug.

  • exu
    link
    fedilink
    English
    08 hours ago

    I know Phoronix comments, but what’s up with the Linux Mint hate?

    • kamenLady.
      link
      English
      58 hours ago

      Tbf, there’s 1 Mint comment and 1 reply to that comment.