On 9/22/19 3:08 AM, Leigh Scott wrote:
On Sat, Sep 21, 2019 at 8:33 PM Ty Young <youngty1997(a)gmail.com> wrote:
Fedora and other distributions have been working on rootless Xorg
since 2013. We've had it in place since at least 2015. This change was
made way back in Fedora 24.
Do you mean 'Support non-root X'? if so some DM's still don't support it.
https://github.com/canonical/lightdm/issues/18
...and it's Open Source. Ironic.
Anyway, I did a google search and apparently running X. Org as user
isn't exactly safe either. According to the Gentoo wik[1] a user could
snoop on another user's input. It doesn't go into specifics on how these
are a big deal, but if they are what's even the point of running non
root? Just breaking into the entire system vs. a user?
Not a security expert but if you have user permissions you can do
anything a user could normally do including rebooting, shuttting down,
uploading files to some private server, logging inputs, etc. The user
account is the lowest hanging fruit there is from my understanding.
[1] https://wiki.gentoo.org/wiki/Non_root_Xorg#Security_concerns
This is Nvidia's fault. It was hidden from you because sometimes the
packaging for the proprietary Nvidia driver has forced non-rootless
Xorg. I guess that's no longer the case, oh well. Talk to the packager
for the Nvidia driver, or better yet, talk to Nvidia to get them to
support rootless Xorg properly.
As far as I know we don't force non-rootless X.
I haven't smoked any shrooms yet today(/joke), so it isn't my
imagination By default X. Org runs as user but if you follow the Arch
wiki you can force it to run as root.
Again, this was never an issue during the mid beta but towards the end
of the beta or shortly after release something changed.
_______________________________________________
devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
_______________________________________________
devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
