On 2015-11-27 09:09:37 -0500, The Wanderer wrote: > On 2015-11-22 at 19:45, Brian wrote: > > Quoting: > > > > There are 2 reasons for this change: > > > > 1) It is needed to make Xorg run without root rights > > Which has never been necessary before... > > I can see why it would be desirable to make it possible to run (as > opposed to launch) X under the UID of a non-root user, but IMO the > tradeoff here is not worth it - or, rather, pushing that tradeoff on > every user automatically (rather than leaving the existing behavior in > place, and enabling each user to decide for him- or herself on the > relative merits of the tradeoff) is not worth it. > > (This also doesn't explain _why_ achieving that goal requires this > change... and although I can guess, the details might still be helpful.)
Due to /dev/tty* permissions? But IMHO, a better and more secure fix should have been something else. Since X is a client-server system, I don't see why it would need all the privileges of the current user (similarly a SUID root program can drop privileges when need be). -- Vincent Lefèvre <vinc...@vinc17.net> - Web: <https://www.vinc17.net/> 100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/> Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
