About zhcon setuid issue.
Hu Zheng
zhu at redhat.com
Tue Apr 3 05:52:01 UTC 2007
The zhcon package was added to FC6 and FC7 extra recently. But there is
a issue of it that we may need to notice.
Because it need to access /dev/fb0 and so on, it need the setuid
permission, so normal users can use it too. This bring the security
risk. But for users' convenience, I didn't remove this setuid
permission.
It is still better don't install zhcon by default. Let's user install it
manually.
Maybe we can use ACL to controll this?
More information about the security
mailing list