-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dave Airlie wrote: > On Mon, 2009-08-03 at 15:08 +0530, Rahul Sundaram wrote: >> Hi >> >> A few days back I ran into >> >> http://lists.x.org/archives/xorg-devel/2009-July/001293.html >> >> I am wondering, since we are already using KMS in most places in Fedora, >> how far are we from achieving this by default in a Fedora release? > > non-root X is a big security hole at the moment, and until we get > revoke() support in the kernel, we can probably move X to running as a > special user, and maybe once we get revoke to running as the real user. > > However it doesn't solve the issue how we know we need or don't need > root since X only figures out what graphics drivers are needed after > starting, so if you needed a non-kms gpu driver we wouldn't know > until after we'd started as non-root. > > Dave. > Could permissions be raised temporarily? PolicyKit with (defaulted) auto-approve to load an appropriate driver? - --Ben (not an X/PolicyKit/kernel hacker) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEARECAAYFAkp6a/MACgkQiPi+MRHG3qS4LQCgisF3c37SJLn70JH8+IrAQ8tY 3GUAoL9joLSIWENC02z8tOq4c8fZijFB =Sv5U -----END PGP SIGNATURE----- -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
