Xserver needs to run as "root" on Linux / was: Re: [Xorg] Server side widgets
Jakub Piotr Cłapa
loc at toya.net.pl
Wed Jul 14 12:11:10 PDT 2004
Alan Cox wrote:
> On Mer, 2004-07-14 at 17:55, Jakub Piotr Cłapa wrote:
>
>>But there is a problem with a mallicious user killing a logged in session.
>>
>>The exclusive keyboard would allow us to configure programs used for
>>logging in (mingetty, xdm) and make sure no other processes can capture
>>passwords. It seems secure to me and definitely more flexible than any
>>builtin kernel login demons.
>
> You also have to know that the "mingetty" you are looking at is the real
> thing.
If it is not it won't receive any keypresses in the special mode.
> Thats one thing SAK solves definitively. With regards to
> killing sessions, SAK is assuming console access so the user is also
> typically capable of removing the power, putting an axe through the
> monitor and a number of other hard to defend techniques for killing
> logged in sessions.
It is possible to secure the hardware. We are not talking about typical
cases, because these are mostly single-user, private installations.
--
Regards,
Jakub Piotr Cłapa
More information about the xorg
mailing list