by yyyk 1691 days ago
>>Zero cases in the wild

>Follow along this post and you'll end up with one case in the wild all by yourself on your own machine

I know it's possible. The 'case in the wild' terminology is asking whether this was ever weaponized in an exploit. I don't recall X ever being an attack vector in the last decade or two. I guess there are more than enough ways to gain local root that this class of exploits doesn't matter.

Now, I'm all for closing this hole. But there's something bad about a development strategy that finds things like this and DPI with multiple monitors very important - the vast vast majority of users only have a single monitor - and mostly ignored scenarios like remote desktop until 2020 or so - remote desktop always used by several orders of magnitude more users than HiDPI, and a little tiny bit more important with this mass pandemic going on.

Maybe that's why transitioning from X to Wayland takes more time than transitioning from python2 to python3, a well known example of successful migration.

1 comments

There are so many holes in Linux’s userspace’s “security” that we should start listing the actually protected parts. The only reason there are no Linux botnets everywhere is because libre software fundamentally has good intentions.

So the reason for not exploiting X may very well be simply because there is an even easier exploit available.