Should /usr/bin/Xorg (still) be setuid-root?

Andrew Lutomirski luto at
Wed Jan 8 23:09:21 UTC 2014

On Wed, Jan 8, 2014 at 2:58 PM, Peter Hutterer <peter.hutterer at> wrote:
> On Wed, Jan 08, 2014 at 01:14:08PM -0800, Andrew Lutomirski wrote:
>> /usr/bin/Xorg is, and has been, setuid-root just about forever.  I'm
>> wondering whether there's any good reason for it to remain
>> setuid-root.

This isn't actually the same thing.  That proposal suggests running
Xorg as a non-root user.  I'm proposing dropping the setuid bit on the
binary, which will have no effect on the uid of the running server.
(Of course, my suggestion will interact w/ that change, since the
process that starts Xorg will no longer be root.)

It may be that XorgWithoutRootRights will clear the setuid bit as well, though.


More information about the devel mailing list