[PULL to discuss] Remove kdrive, Xnest, and Xvfb

Alan Coopersmith alan.coopersmith at oracle.com
Mon Mar 26 22:06:30 PDT 2012


On 03/26/12 09:07 PM, Jamey Sharp wrote:
> Maybe I have it right this time: On Debian, there's no problem,
> because /usr/bin/X is a trivial suid wrapper and /usr/bin/Xorg is not
> installed suid. Solaris and other Unixes could take the same approach,
> right?

While I've heard about this before, I've not seen the sources for this wrapper
(can someone provide a pointer?  all I'm finding in google is man pages & bug
reports that reference it)

However, if the suid wrapper allows non-root users to specify arbitrary files
to -config, then it's a dangerous security hole we can't allow (and since the
Debian people aren't stupid, I assume it does not).  If it doesn't allow
-config through, then I don't see how it would help here.

-- 
	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc


More information about the xorg-devel mailing list