Summary: | x11-base/xorg-server: allow to run as non-root | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | wbrana |
Component: | New packages | Assignee: | Gentoo X packagers <x11> |
Status: | RESOLVED DUPLICATE | ||
Severity: | enhancement | CC: | nikoli, taaroa |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://bugs.freedesktop.org/show_bug.cgi?id=51913 | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
patch for testing, insert some UID except 0 instead of SOME USER ID
better patch |
(In reply to comment #0) > xorg-server shouldn't run as root. What user should X be run as? References: http://lists.x.org/archives/xorg-devel/2009-July/001295.html http://lwn.net/Articles/341033/ http://lwn.net/Articles/341035/ http://www.phoronix.com/scan.php?page=news_item&px=NzM2MA https://wiki.ubuntu.com/X/Rootless I'm using user xorg example: 1. add new user xorg useradd -u 600 -d /dev/null -s /sbin/nologin xorg 2. replace SOME USER ID with 600 in patch Created attachment 317692 [details, diff]
better patch
1. uid of user xorg is read from /etc/passwd
2. if setuid to user xorg fails Xserver is terminated
upstream bug https://bugs.freedesktop.org/show_bug.cgi?id=51913 I think USE=suid and a solution to bug 556834 will solve this in a better way. It's not a direct duplicate, but... *** This bug has been marked as a duplicate of bug 556834 *** |
Created attachment 317362 [details] patch for testing, insert some UID except 0 instead of SOME USER ID xorg-server shouldn't run as root.