On Mon, Oct 19, 2015 at 10:43:45 +0200, Hans de Goede wrote: > Hi, > > On 18-10-15 19:26, Julien Cristau wrote: > >When the server is privileged, we shouldn't be passing the user's > >environment directly. > > > >Signed-off-by: Julien Cristau <[email protected]> > > I've no real objections against this, and I can see this being a good > thing from a security pov, but I'm afraid this may cause regressions. > > Before we had the wrapper the server itself used to be suid-root, > and none of the code for dealing with that has been removed (the server > can still be build that way). So I would expect the server to sanitize > its environment itself... > > So I've 2 questions: > > 1) Is there any concrete reason why this is necessary ?
Enabling logind support means pulling in libdbus, which I didn't want to do without addressing https://bugs.freedesktop.org/show_bug.cgi?id=52202 https://bugs.freedesktop.org/show_bug.cgi?id=83849 Cheers, Julien _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
