X.Org security advisory: root hole via rogue hostname
Apr 05, 2011, 19:29 (0 Talkback[s])
(Other stories by Matthias Hopf)
"By crafting hostnames with shell escape characters, arbitrary
commands can be executed in a root environment when a display
manager reads in the resource database via xrdb.