Xserver needs to run as "root" on Linux / was: Re: [Xorg] Server side widgets

Sean Middleditch elanthis at awesomeplay.com
Tue Jul 13 07:06:22 PDT 2004

On Tue, 2004-07-13 at 09:53, Jakub Piotr Cłapa wrote:
> Jon Smirl wrote:

> > The idea of a kernel based login is that it is completely secure and
> > can't be trojaned. A key that can't be intercepted is used to trigger
> > login. The kernel catches this and clears/draws the screen in a way
> > that can't be stopped. The keyboard is then directly read for the login
> > data.
> Looks really Windowish (and fishy) to me...
> Why is this better than x/g/w/xdm? AFAIR from the beginning Unixes used 

I log in.  I make a program that paints a full-screen window identical
to GDM, but it takes the user names/passwords and mails them to me.  A
user sits down, tries to log in, and poof, I stole their login

This is why Windows has the "Push ctrl-alt-delete to login" window on
most corporate workstations.  The kernel and _only_ the kernel can catch
and process ctrl-alt-delete.

I'm not at all convinced that the actual login screen and daemon needs
to be in the kernel at all, but there does need to be a way to 100%
guarantee that you are at the real login screen; kernel-level checks
using a kernel-only key sequence is one way to do this.  Perhaps the
kernel can, upon receiving the key-combination, open a new VT and launch
a specific binary (GDM/KDM/etc) on it?  The only way to trojan that
would be to over-write the login manager binaries or somehow get access
to control a VT owned by root/login-manager-user, which shouldn't be any
easier than cracking the kernel login system, no?

> (min)getty+login for logging in on text terminals and it works without 
> problems (I can even change mingetty to fbgetty to get some fancy 
> graphic into the framebuffer).
> What makes graphic consoles different?

Nothing.  The security problem is there with mingetty as well.  The same
system discussed here could potentially be used to alleviate that
problem as well.

Sean Middleditch <elanthis at awesomeplay.com>
AwesomePlay Productions, Inc.
