Running X as an unprivileged user
mjg59 at srcf.ucam.org
Fri Jun 25 09:35:26 PDT 2010
On Fri, Jun 25, 2010 at 11:12:49PM +1000, Christopher James Halse Rogers wrote:
> Apart from opening /proc/mtrr for writing, which isn't used by any of
> the drivers I've inspected and certainly by none of the KMS drivers, it
> seems the last problem is backlight handling which requires
> prodding /sys/class/backlight/*/brightness. It seems that the way to
> deal with this would be to get a /dev/backlight device interface for
> which udev could set appropriate permissions. This would also clean the
> Intel DDX code somewhat as it wouldn't have to iterate over the list of
> possible /sys paths.

Why not just change the ownership of the sysfs files?

> Does this idea look sane? Are there any obvious pitfalls that I've
> missed here? What would a good /dev/backlight interface look like?

This is easy enough to handle for the single-user situation, but there's
currently no way to handle revoking the open file descriptors from one X
server when you switch to another. A compromised X server could keep
hold of them when you switch and obtain other users' passwords.

Matthew Garrett | mjg59 at srcf.ucam.org
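
An added illustration of the revocation problem raised in the reply above (not part of the original message, and not X server or udev code): on a POSIX system, changing the permissions on a path does not affect descriptors that are already open. The temporary file stands in for a device node, and the file contents and function name are constructed for the example.

```python
import os
import tempfile


def stale_fd_after_permission_change():
    """Open a file, remove every permission bit from its path, then show that
    the descriptor opened earlier still sees data written afterwards."""
    # Constructed stand-in for a device node handed to the first X server.
    tmp = tempfile.NamedTemporaryFile(delete=False)
    path = tmp.name
    tmp.close()

    # Opened before the switch: a reader (the first server) and a writer
    # (standing in for whatever produces data on the device).
    reader = os.open(path, os.O_RDONLY)
    writer = os.open(path, os.O_WRONLY | os.O_APPEND)
    try:
        # "Session switch": access to the path is taken away.
        os.chmod(path, 0)
        mode_after = os.stat(path).st_mode & 0o777

        # Data that arrives only after the switch.
        os.write(writer, b"typed after the switch\n")

        # The descriptor from before the switch still reads it.
        stale_read = os.read(reader, 4096)

        # A fresh open is subject to the new permissions (root bypasses them).
        try:
            os.close(os.open(path, os.O_RDONLY))
            fresh_open_denied = False
        except PermissionError:
            fresh_open_denied = True
    finally:
        os.close(reader)
        os.close(writer)
        os.unlink(path)

    return {
        "mode_after": mode_after,
        "stale_fd_read": stale_read,
        "fresh_open_denied": fresh_open_denied,
        "is_root": os.geteuid() == 0,
    }


if __name__ == "__main__":
    print(stale_fd_after_permission_change())
```

The permission check happens at open time, which is why re-owning or re-moding the path on a switch leaves the earlier holder's access intact.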