Tweet
Originally posted by jacob
View Post
-
runs under an normal user (instead of "root") -
I'm surprised this potential security hole wasn't fixed years ago. At least there's progress now, it'll be great when the drivers and login managers finally catch up.Comment
-
Care to explain what the security risk is? AFAIK the biggest X threat is via the network transparency protocols. The ordinary user hardly can interfere with root owned X11 process?Originally posted by Tom B View PostComment
-
Simply put, anything which exploits any part of the X server is running as a process with root privileges. It breaks the principle of least privilege, although likely difficult to exploit it's almost certainly not impossible. Any software that communicates with X could potentially exploit part of it and get root privileges, now it's unlikely but given the common sense approach of "don't run stuff as root", running X as root has always been a bit of an oversight.Comment
-
It was pretty much impossible before they moved the hardware management code out of X and into the kernel. Which has taken a long time to get working.Originally posted by Tom B View PostComment
-
Should this prevent X taking down the whole system? I've always had an issue where X crashes, the whole system becomes unresponsive, forcing a manual power down.Comment
-
No, not running as root won't affect its ability to bring down your system.Comment
Comment