F21 System Wide Change: Xorg without root rights
jreznik at redhat.com
Mon Mar 10 09:36:55 UTC 2014
= Proposed System Wide Change: Xorg without root rights =
Change owner(s): Hans de Goede, graphics team <hdegoede at redhat.com>
The Xorg xserver is a large piece of software which currently runs as root,
making it a potential vector for attacks against the system. With recent
changes made to systemd-logind it is possible for the xserver to let systemd-
logind do device management for it, at which point the xserver will no longer
need root rights. Initially this will likely be implemented as the xserver
dropping root rights early on.
== Detailed description ==
Currently work is in progress upstream to add systemd-logind integration to
the xserver, this is expected to land for 1.16, which is expected to be the
xserver with which Fedora 21 will ship. In order for the xserver to be able to
run as a systemd-logind session controller it will need to be started inside a
(pam) user-session, this will require changes to apps starting the xserver,
specifically to display-managers such as gdm.
== Scope ==
In order for the xserver to be able to run as a systemd-logind session
controller it will need to be started inside a (pam) user-session, this will
require changes to apps starting the xserver, specifically to display-managers
such as gdm. This is already being coordinated with gdm and other display-
managers. For Fedora 21 there likely will be a fallback mode where the xserver
will do the device-management itself when not started from a display-manager
which starts it inside a user-session.
Proposal owners: Make the xserver run properly as non-root, or drop root
rights early on
Other developers: Display manager developers may need to make changes to how
the xserver is started, so that it always is started inside a user session.
Note this change is also necessary for display managers which want to support
wayland, as wayland must always be started like this.
Release engineering: N/A
Policies and guidelines: N/A
See Dependencies section  for more details regarding cooperation with DM
More information about the devel-announce