[PATCH xserver] check for elevated privileges rather than just euid=0

Antoine Martin antoine at nagafix.co.uk
Thu Oct 6 23:09:44 PDT 2011

On 07/10/11 02:00, Jeremy Huddleston wrote:
> I don't know if xf86PrivsElevated is the right name for this API.  Users might have access even without *elevated* privs.  What we really want to know is if the user is privileged, and I can see us eventually updating the implementation of this call to reflect changes in access controls.  Perhaps something like xf86IsPrivileged()
I don't think xf86IsPrivileged() is the right name / check.
Quick recap for all: we want to ensure that the command line switches
protected by this check cannot be used to:
1) load modules "as-root" from user controlled locations with "-modulepath"
2) write to a user specified file "as-root" with "-logfile"
3) load config files from absolute paths with "-config"
4) I had also changed the code around:
fcntl(fileno(stderr), F_SETFL, status | O_NONBLOCK);
And now I don't think this was the right thing to do, anyone?

We want to allow these options:
1) if the user *is not* privileged (ie: non-suid Xorg binary)
2) if the user *is* privileged (ie: running Xorg as root directly)
Just not when the user is running with elevated privileges (ie: suid Xorg)
The name xf86IsPrivileged() would not make this clear to the caller.
(makes it sound more like a glorified "is-root" check to me)

Anyway, I will already have to re-submit the patch as I need to
incorporate Tormod's comments on the location of the static fields.
So if we can just agree on a meaningful name...


> --Jeremy
> On Oct 6, 2011, at 6:05 AM, Antoine Martin wrote:
>> This allows us to run the server as a normal user whilst still
>> being able to use the -modulepath, -logfile and -config switches
>> We define a xf86PrivsElevated which will do the checks and cache
>> the result in case it is called more than once.
>> Also renamed the paths #defines to match their new meaning.
>> Original discussion which led to this patch can be found here:
>> http://lists.freedesktop.org/archives/xorg-devel/2011-September/025853.html
>> Signed-off-by: antoine <antoine at nagafix.co.uk>
>> <0001-xserver-check-for-elevated-privileges-rather-than-ju.patch>_______________________________________________
>> xorg-devel at lists.x.org: X.Org development
>> Archives: http://lists.x.org/archives/xorg-devel
>> Info: http://lists.x.org/mailman/listinfo/xorg-devel
> ---
> Jeremy Huddleston
> Rebuild Sudan
>  - Board of Directors
>  - http://www.rebuildsudan.org
> Berkeley Foundation for Opportunities in Information Technology
>  - Advisory Board
>  - http://www.bfoit.org

More information about the xorg-devel mailing list