[PATCH xserver] xorg-wrapper: when starting the server as root, reset its environment

Julien Cristau jcristau at debian.org
Mon Oct 19 03:57:38 PDT 2015


On Mon, Oct 19, 2015 at 10:43:45 +0200, Hans de Goede wrote:

> Hi,
> 
> On 18-10-15 19:26, Julien Cristau wrote:
> >When the server is privileged, we shouldn't be passing the user's
> >environment directly.
> >
> >Signed-off-by: Julien Cristau <jcristau at debian.org>
> 
> I've no real objections against this, and I can see this being a good
> thing from a security pov, but I'm afraid this may cause regressions.
> 
> Before we had the wrapper the server itself used to be suid-root,
> and none of the code for dealing with that has been removed (the server
> can still be build that way). So I would expect the server to sanitize
> its environment itself...
> 
> So I've 2 questions:
> 
> 1) Is there any concrete reason why this is necessary ?

Enabling logind support means pulling in libdbus, which I didn't want to
do without addressing
https://bugs.freedesktop.org/show_bug.cgi?id=52202
https://bugs.freedesktop.org/show_bug.cgi?id=83849

Cheers,
Julien


More information about the xorg-devel mailing list