Running X as an unprivileged user

Christopher James Halse Rogers at
Fri Jun 25 06:12:49 PDT 2010

It seems that almost all of the work required to run X without root
privileges has been done, and there are just a couple of loose ends to
tie up before it can work - at least for KMS drivers.

Apart from opening /proc/mtrr for writing, which isn't used by any of
the drivers I've inspected and certainly by none of the KMS drivers, it
seems the last problem is backlight handling which requires
prodding /sys/class/backlight/*/brightness.  It seems that the way to
deal with this would be to get a /dev/backlight device interface for
which udev could set appropriate permissions.  This would also clean the
Intel DDX code somewhat as it wouldn't have to iterate over the list of
possible /sys paths.

Once this is in place, I'd write a patch to check on X startup whether
a) KMS is in use
b) /dev/backlight exists, with appropriate permissions
c) /dev/input/* have appropriate permissions
and in this case drop root privileges.

Does this idea look sane?  Are there any obvious pitfalls that I've
missed here?  What would a good /dev/backlight interface look like?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the xorg-devel mailing list