[PULL to discuss] Remove kdrive, Xnest, and Xvfb
Matthieu Herrb
matthieu.herrb at laas.fr
Mon Mar 26 23:10:49 PDT 2012
On Mon, Mar 26, 2012 at 10:06:30PM -0700, Alan Coopersmith wrote:
> On 03/26/12 09:07 PM, Jamey Sharp wrote:
> > Maybe I have it right this time: On Debian, there's no problem,
> > because /usr/bin/X is a trivial suid wrapper and /usr/bin/Xorg is not
> > installed suid. Solaris and other Unixes could take the same approach,
> > right?
>
> While I've heard about this before, I've not seen the sources for this wrapper
> (can someone provide a pointer? all I'm finding in google is man pages & bug
> reports that reference it)
>
> However, if the suid wrapper allows non-root users to specify arbitrary files
> to -config, then it's a dangerous security hole we can't allow (and since the
> Debian people aren't stupid, I assume it does not). If it doesn't allow
> -config through, then I don't see how it would help here.
Please, not a wrapper again. The wrapper doesn't bring much in terms of
security since the controlled Xorg is still run with elevated
privileges when needed.
Revoking privileges when not needed can be done inside Xorg itself
(see the privilege separation changes in the obsd branch of
~herrb/xserver for an example).
And not introducing new bugs in the additional code inside the X
server is not really more difficult than not creating bugs in the
wrapper.
--
Matthieu Herrb
More information about the xorg-devel
mailing list