airlied at gmail.com
Thu May 29 15:10:18 PDT 2008
On Fri, May 30, 2008 at 6:16 AM, Xavier Toth <txtoth at gmail.com> wrote:
> On Thu, May 29, 2008 at 3:04 PM, Alan Coopersmith
> <Alan.Coopersmith at sun.com> wrote:
>> Xavier Toth wrote:
>>> I saw something that implied that a version of this interface would be
>>> working its way into X so that other OSs could take advantage of the
>>> additional security offered by having gdm restart the X server as the
>>> login user instead of root. Has anything happened regarding this
>> Getting it ready to propose to X.Org is somewhere down on my todo list,
>> for now it's sitting in our OpenSolaris/Solaris Xorg port as one of our
>> platform specific patches.
>> If there's interest in it, I can try to get to it sooner, but didn't know
>> that anyone outside Sun cared.
>> -Alan Coopersmith- alan.coopersmith at sun.com
>> Sun Microsystems, Inc. - X Window System Engineering
> There is an ongoing discussion on the SELinux mailing list about X
> policy development that has touched on the fact that the xserver is
> run as root and not the logged in user. Eamon can probably second this
> but I'd say everyone involved in the discussion thinks this would be a
> good thing.
Running the X server as the user is in our upcoming plans for Fedora.
There is a lot of things that need fixing before this can happen in
Getting X away from the hardware is quite a big step.
More information about the xorg