SDTLOGIN interface

Dave Airlie airlied at gmail.com
Thu May 29 15:10:18 PDT 2008


On Fri, May 30, 2008 at 6:16 AM, Xavier Toth <txtoth at gmail.com> wrote:
> On Thu, May 29, 2008 at 3:04 PM, Alan Coopersmith
> <Alan.Coopersmith at sun.com> wrote:
>> Xavier Toth wrote:
>>> I saw something that implied that a version of this interface would be
>>> working its way into X so that other OSs could take advantage of the
>>> additional security offered by having gdm restart the X server as the
>>> login user instead of root. Has anything happened regarding this
>>> interface?
>>
>> Getting it ready to propose to X.Org is somewhere down on my todo list,
>> for now it's sitting in our OpenSolaris/Solaris Xorg port as one of our
>> platform specific patches.
>>
>> If there's interest in it, I can try to get to it sooner, but didn't know
>> that anyone outside Sun cared.
>>
>> --
>>        -Alan Coopersmith-           alan.coopersmith at sun.com
>>         Sun Microsystems, Inc. - X Window System Engineering
>>
>>
>
> There is an ongoing discussion on the SELinux mailing list about X
> policy development that has touched on the fact that the xserver is
> run as root and not the logged in user. Eamon can probably second this
> but I'd say everyone involved in the discussion thinks this would be a
> good thing.
>


Running the X server as the user is in our upcoming plans for Fedora.
There is a lot of things that need fixing before this can happen in
the drivers.

Getting X away from the hardware is quite a big step.

Dave.



More information about the xorg mailing list