xserver: do we still need Fopen() ?
Enrico Weigelt, metux IT consult
info at metux.net
Fri Feb 2 13:45:35 UTC 2024
Hello folks,
I wonder whether we still need the Fopen() function.
It's a funny and complicated way of loading a file with dropped privs
(by calling `cat` on that file !).
The only call site is LoadAuthorization() (auth.c) for loading the
Xauthority file (if one was passed to xserver via -auth arg). But this
doesn't make much sense to me: why should the xserver - if started as
root (but dropping privs) - be prevented from reading an xauth file ?
And do we still need the complicated exec'ing code path ?
And is there still any need to run it as root at all ?
Am I missing something ?
--mtx
--
---
Hinweis: unverschlüsselte E-Mails können leicht abgehört und manipuliert
werden ! Für eine vertrauliche Kommunikation senden Sie bitte ihren
GPG/PGP-Schlüssel zu.
---
Enrico Weigelt, metux IT consult
Free software and Linux embedded engineering
info at metux.net -- +49-151-27565287
More information about the xorg-devel
mailing list