On Tuesday 15 April 2008, Enlightenment CVS wrote: > Enlightenment CVS committal > > Author : vapier > Project : eterm > Module : Eterm > > Dir : eterm/Eterm/src > > Modified Files: > startup.c > > Log Message: > fix from Nico Golde from Debian for deb bug #473127 and gentoo bug #216833 > > =================================================================== > RCS file: /cvs/e/eterm/Eterm/src/startup.c,v > retrieving revision 1.58 > retrieving revision 1.59 > diff -u -3 -r1.58 -r1.59 > --- startup.c 30 Oct 2006 21:12:12 -0000 1.58 > +++ startup.c 16 Apr 2008 03:23:27 -0000 1.59 > @@ -96,7 +96,11 @@ > > /* Open display, get options/resources and create the window */ > if (getenv("DISPLAY") == NULL) { > - display_name = STRDUP(":0"); > + /* do not default to any display due to security issues -- vapier > + * http://article.gmane.org/gmane.comp.security.oss.general/122 > + */ > + libast_print_error("can't open display: DISPLAY not set\n"); > + exit(EXIT_FAILURE); > } else { > display_name = STRDUP(getenv("DISPLAY")); > }
Michael: i dont know if anyone contacted you about this, but you may want to post an eterm 0.9.4.1 or 0.9.5 to make security people happy. -mike
signature.asc
Description: This is a digitally signed message part.
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________ enlightenment-devel mailing list enlightenment-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/enlightenment-devel