[PATCH xserver] xorg-wrapper: when starting the server as root, reset its environment
Julien Cristau
jcristau at debian.org
Mon Oct 19 03:57:38 PDT 2015
On Mon, Oct 19, 2015 at 10:43:45 +0200, Hans de Goede wrote:
> Hi,
>
> On 18-10-15 19:26, Julien Cristau wrote:
> >When the server is privileged, we shouldn't be passing the user's
> >environment directly.
> >
> >Signed-off-by: Julien Cristau <jcristau at debian.org>
>
> I've no real objections against this, and I can see this being a good
> thing from a security pov, but I'm afraid this may cause regressions.
>
> Before we had the wrapper the server itself used to be suid-root,
> and none of the code for dealing with that has been removed (the server
> can still be build that way). So I would expect the server to sanitize
> its environment itself...
>
> So I've 2 questions:
>
> 1) Is there any concrete reason why this is necessary ?
Enabling logind support means pulling in libdbus, which I didn't want to
do without addressing
https://bugs.freedesktop.org/show_bug.cgi?id=52202
https://bugs.freedesktop.org/show_bug.cgi?id=83849
Cheers,
Julien
More information about the xorg-devel
mailing list