[PULL to discuss] Remove kdrive, Xnest, and Xvfb

[Alan Coopersmith]

On 03/26/12 06:01 PM, Alan Coopersmith wrote:
> On 03/26/12 04:13 PM, Jeremy Huddleston wrote:
>> These need to die.  This removes 30K lines of code from xorg-server.  It must be good!
>>
>> Most functionality of these servers can be provide by Xorg with either the nested or dummy video driver.  If someone really misses functionality, we should fix that deficiency in hw/xfree86, xf86-video-dummy, or xf86-video-nested.  Also, there's nothing stopping anyone from using older server versions if they still need these DDXs.
> 
> The giant blocker from my point of view is that by just deleting them, you've
> made it impossible for non-root users to run them, since Xorg only reads config
> files from system directories when run as a root user.

Oh, and there's probably at least two other alternative solutions to this too:

 a) install a non-setuid-root copy of Xorg and have Xnest/Xephyr/Xvfb run that

 b) have the config file parser recognize 'safe' vs. 'unsafe' options, and only
    accept config files from non-root users that contain purely safe options
    (e.g. no ModulePath that lets them specify their own modules to load and run
     with root privs).

Of course, besides (a) being much less work and much less risky if you make a
mistake, it's also preparing for the dream of a Xorg server that can run
without root privs someday, while the huge amount of work for (b) would end up
being wasted if that day ever comes to pass.

-- 
	-Alan Coopersmith-              alan.coopersmith at oracle.com
	 Oracle Solaris Engineering - http://blogs.oracle.com/alanc