On Mon, Jan 20, 2014 at 11:29 AM, drago01 <drago01@xxxxxxxxx> wrote: > On Mon, Jan 20, 2014 at 10:08 AM, Hans de Goede <hdegoede@xxxxxxxxxx> wrote: >> Hi All, >> >> As indicated here: >> https://fedoraproject.org/wiki/Changes/XorgWithoutRootRights >> >> I'm working on making the X server run as a regular user. I actually have >> this >> pretty much working. >> >> So now it is time to start looking into some of the corner cases, or rather >> at >> the elephant in the room. What about non-kms drivers. We still have the vesa >> driver around as most prominent example, and this is useful for some oddball >> cards and for cards which are too new. >> >> I would like to not break the vesa driver, while still killing the suid bit >> on >> the X server. >> >> I'm currently thinking about implementing the following solution: >> >> 1) Make the X server a regular binary without any special rights >> >> 2) Implement a small suid root wrapper which gets the Xorg name and >> launches the real Xorg binary. >> >> This wrapper will search for kms capable cards and if one is found drop >> all root rights before executing the real Xorg binary. If no kms capable >> cards are found it will execute the real Xorg binary with root rights. >> >> 3) Put this wrapper in a separate package, make it part of comps so it >> will get installed by default, but don't depend on it in any packages >> so that security sensitive users can simply do >> "rpm -e xorg-x11-server-suid-helper" > > That will break badly for upgrades. If someone is using a ums driver, upgrades > and nothing pulls in the helper he / she will end up with a broken setup. (sent to eerily). So we should just let ums drivers require it. (Because they technically do require it after all). A user that does not use ums drivers can still remove (along with the drivers). -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
