Announcement

Collapse
No announcement yet.

A Root-less X Server Nears Reality

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • A Root-less X Server Nears Reality

    Phoronix: A Root-less X Server Nears Reality

    One of the benefits of moving the different graphics hardware drivers over to using kernel mode-setting, an in-kernel GPU memory manager (whether it be GEM or TTM), and other newer X innovations is the possibility of now running the X Server without root privileges. By doing so, this of course improves the security since this very large chunk of code is no longer running with all of these high-privileged rights. Due to now living in a KMS-enabled world, at least on the Intel and ATI side (the NVIDIA side is still slowly but surely coming via Nouveau), it's rather easy to get the X Server running without any special rights...

    http://www.phoronix.com/vr.php?view=NzM2MA

  • #2
    Confusing headline, I thought root-less as in without a root window..

    Comment


    • #3
      Originally posted by curaga View Post
      Confusing headline, I thought root-less as in without a root window..
      I do not see anything confusing about it. I wonder what will nvidia do, nouveau's KMS is rather in good shape, all of my cards work flawlessly (260 GTX ~ 9600GT ~ 6600GT ~ 8800GT).

      Comment


      • #4
        Come on Nvidia, go for it damn it.

        Comment


        • #5
          Originally posted by hax0r View Post
          I do not see anything confusing about it. I wonder what will nvidia do, nouveau's KMS is rather in good shape, all of my cards work flawlessly (260 GTX ~ 9600GT ~ 6600GT ~ 8800GT).
          i thought nvidia was not involved at all in nouvueau...

          Comment


          • #6
            Originally posted by krogy View Post
            i thought nvidia was not involved at all in nouvueau...
            Hmm who said that they are, or somebody misunderstood me?

            Comment


            • #7
              The NVIDIA driver just needs access to the /dev/nvidia* files.

              Comment


              • #8
                Originally posted by hax0r View Post
                I do not see anything confusing about it.
                The term "rootless" has a particular meaning with respect to X servers, and that meaning has nothing to do with the superuser. It's exactly as curaga says.

                Comment


                • #9
                  OK, am I missing something here? I use Gentoo linux and binary nvidia drivers. I am able to run X as a user (without root privileges) right now.
                  Last edited by gregy; 07-02-2009, 05:28 AM.

                  Comment


                  • #10
                    Originally posted by gregy View Post
                    OK, am I missing something here? I use Gentoo linux and binary nvidia drivers. I am able to run X as a user (without root privileges) right now.
                    The X executable has its setuid bit set in most distributions.

                    E.g.

                    Code:
                    jeff@tony:~$ stat /usr/bin/X
                      File: `/usr/bin/X'
                      Size: 10472     	Blocks: 24         IO Block: 4096   regular file
                    Device: fc00h/64512d	Inode: 593864      Links: 1
                    Access: (6755/-rwsr-sr-x)  Uid: (    0/    root)   Gid: (    0/    root)
                    Access: 2009-05-02 13:13:07.000000000 +1000
                    Modify: 2009-04-03 18:44:01.000000000 +1100
                    Change: 2009-05-02 13:03:58.000000000 +1000

                    Comment


                    • #11
                      Ohps, you are right, sorry.

                      Comment


                      • #12
                        Originally posted by md1032 View Post
                        The NVIDIA driver just needs access to the /dev/nvidia* files.
                        This is right. For quite some time, the Nvidia binary drivers have been able to run without root privileges.

                        Comment

                        Working...
                        X