Should /usr/bin/Xorg (still) be setuid-root?
Andrew Lutomirski
luto at mit.edu
Wed Jan 8 23:09:21 UTC 2014
On Wed, Jan 8, 2014 at 2:58 PM, Peter Hutterer <peter.hutterer at who-t.net> wrote:
> On Wed, Jan 08, 2014 at 01:14:08PM -0800, Andrew Lutomirski wrote:
>> /usr/bin/Xorg is, and has been, setuid-root just about forever. I'm
>> wondering whether there's any good reason for it to remain
>> setuid-root.
>
> http://fedoraproject.org/wiki/Changes/XorgWithoutRootRights
This isn't actually the same thing. That proposal suggests running
Xorg as a non-root user. I'm proposing dropping the setuid bit on the
binary, which will have no effect on the uid of the running server.
(Of course, my suggestion will interact w/ that change, since the
process that starts Xorg will no longer be root.)
It may be that XorgWithoutRootRights will clear the setuid bit as well, though.
--Andy
More information about the devel
mailing list