[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-devel
Subject:    Re: Debian X package shouldn't install XDM by default
From:       Ilya Martynov <m_ilya () agava ! com>
Date:       2001-04-17 8:35:16
[Download RAW message or body]


>> One advantage is better security. You don't need suid X server
>> binary. X server needs root right to be able to work with you graphic
>> card. If you use xdm it starts X server itself. Because xdm runs as
>> root it can start X server as root without making X server binary
>> suid. If you start X server via startx your X server binary have to be
>> suid.

P> I don't see an advantage there, if you have to run xdm as root,
P> then your security can be compromised by xdm.

xdm is started from init scripts, suid X server started by user.
In fisrt case program is started in relatively safe environment, in
second case environment can be very hostile.

-- 
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
| Ilya Martynov (http://martynov.org/)                                    |
| GnuPG 1024D/323BDEE6 D7F7 561E 4C1D 8A15 8E80  E4AE BE1A 53EB 323B DEE6 |
| AGAVA Software Company (http://www.agava.com/)                          |
 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

[prev in list] [next in list] [prev in thread] [next in thread]