[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-devel
Subject:    Re: Debian X package shouldn't install XDM by default
From:       Steve McIntyre <stevem () chiark ! greenend ! org ! uk>
Date:       2001-04-16 16:46:00
[Download RAW message or body]

Ilya Martynov wrote:
>
>CI> Could somebody, please, enlighten me!
>CI> I've never been able to understand what the advantage of XDM (and the
>CI> other XDM alternatives) is, over a console:
>
>CI> What's the use of all that XDM (and the like) extra cruft? The
>CI> diffrence, as I see it, is 6 letters and a ^M. My recommendation has
>CI> always been the above. But I want to see the light :)
>
>One advantage is better security. You don't need suid X server
>binary. X server needs root right to be able to work with you graphic
>card. If you use xdm it starts X server itself. Because xdm runs as
>root it can start X server as root without making X server binary
>suid. If you start X server via startx your X server binary have to be
>suid.

There's another point - if you've logged on on the console then any
random user can hit ctrl-alt-f1 to go back there, hit ctr-c or similar
and hijack your session. Despite screen locks etc...

-- 
Steve McIntyre, Cambridge, UK.                   stevem@chiark.greenend.org.uk
  Getting a SCSI chain working is perfectly simple if you remember that there
  must be exactly three terminations: one on one end of the cable, one on the
  far end, and the goat, terminated over the SCSI chain with a silver-handled
  knife whilst burning *black* candles. --- Anthony DeBoer


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

[prev in list] [next in list] [prev in thread] [next in thread]