xfce4 security history

Auke Kok sofar at lunar-linux.org
Thu Aug 11 09:11:03 CEST 2005

Jani Monoses wrote:

>Hello all
>I have searched the web for xfce4 security advisories but found none :)
>Can you confirm there have been no such bugs so far?

Xfce currently does not include any components which can really
compromise security: Everything is running as user processes and without
SUID bits or other typical vulnerabilities. This makes Xfce4 a very
uninteresting target for security penetration.

While I'm sure there are security flaws in any software product, I'm
pretty sure that the ones in Xfce4 are not worth comparing at the usual
scale. It would be like finding a security bug in /bin/ls.



More information about the Xfce4-dev mailing list