Next formal CharmBUG meeting will be held at Onyx Point in Hanover, MD. The goal for this meeting will be to discuss any BUG topics, or general issues, followed by a talk on Xorg and fun with local root privileges.
Michael Shirk will be giving a talk about the events that unfolded at the end of October 2018 with an interesting local root privilege escalation bug in the Xorg server. He will discuss what happened as details emerged and how the vulnerability impacted FreeBSD and OpenBSD. At the end of the talk, attendees are invited to join in on an interactive search for all of the setuid/setgid binaries in a base install of FreeBSD and OpenBSD as well as ports that install setuid/setgid binaries to highlight the issues with root privileges.
NOTE: This talk will occur on Wednesday, November 28th.