On Wed, Jan 8, 2014 at 2:58 PM, Peter Hutterer <peter.hutterer@xxxxxxxxx> wrote: > On Wed, Jan 08, 2014 at 01:14:08PM -0800, Andrew Lutomirski wrote: >> /usr/bin/Xorg is, and has been, setuid-root just about forever. I'm >> wondering whether there's any good reason for it to remain >> setuid-root. > > http://fedoraproject.org/wiki/Changes/XorgWithoutRootRights This isn't actually the same thing. That proposal suggests running Xorg as a non-root user. I'm proposing dropping the setuid bit on the binary, which will have no effect on the uid of the running server. (Of course, my suggestion will interact w/ that change, since the process that starts Xorg will no longer be root.) It may be that XorgWithoutRootRights will clear the setuid bit as well, though. --Andy -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
