Re: Should /usr/bin/Xorg (still) be setuid-root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

On 01/09/2014 09:52 PM, Andrew Lutomirski wrote:

On Thu, Jan 9, 2014 at 11:43 AM, Hans de Goede <hdegoede@xxxxxxxxxx> wrote:

Hi,


On 01/09/2014 12:09 AM, Andrew Lutomirski wrote:


On Wed, Jan 8, 2014 at 2:58 PM, Peter Hutterer <peter.hutterer@xxxxxxxxx>
wrote:


On Wed, Jan 08, 2014 at 01:14:08PM -0800, Andrew Lutomirski wrote:


/usr/bin/Xorg is, and has been, setuid-root just about forever.  I'm
wondering whether there's any good reason for it to remain
setuid-root.



http://fedoraproject.org/wiki/Changes/XorgWithoutRootRights



This isn't actually the same thing.  That proposal suggests running
Xorg as a non-root user.  I'm proposing dropping the setuid bit on the
binary, which will have no effect on the uid of the running server.
(Of course, my suggestion will interact w/ that change, since the
process that starts Xorg will no longer be root.)



I don't think that that will be very useful, it will likely cause more
breakage then you think, as various display-managers may already start
Xorg inside the user session, at which point the suid bit is needed,
and as you already said it will break xinit and friends.


This is an empirical question :)  gdm on F20, at least, can still
switch users with the setuid bit cleared.  I'll try to test some more
display managers.


Well starting X inside the user session is necessary for the systemd-logind
integration I'm working on, which in turn is necessary to be able to completely
run X without any root rights at all. So this quite likely is going to be how
X will be started in F-21.


I hope it clears the bit -- I really don't like the fact that 'X :1'
screws with the display.


I'm not sure yet if it will clear the bit, I'm pretty sure I can get things
to work without any root rights for kms drivers (not 100% sure yet), but
ums drivers will fail hard without the suid bit, the ums part of this
needs some thinking (and needs me to dig up a card actually using it).

I might end up deciding to just kill ums support and then see what happens,
but I would rather not, and if I get enough pushback I might revert on
such a decision :)

Regards,

Hans
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux