This severely impacts the security of the Xorg server; any bug in it will completely compromise the system.
I've implemented privilege separation in the X server for OpenBSD. I still plan to integrate this in the main stream one day or another (at least in the current form, enabled for OpenBSD only). It needs a bit of work to be ported to Linux, but I think it's doable. Another option I've investigated in the past is running the X server under systrace (http://www.citi.umich.edu/u/provos/systrace/), using its privilege elevation mode. This helps identify the operations that require privileges. <ftp://ftp.laas.fr/pub/ii/matthieu/xf86-sec.pdf>
Same issue as #2407 really. Privsep is a bit different.
*** This bug has been marked as a duplicate of 2407 ***