I'm not against X running as root. I'm against its unix socket having permissions 777.
2010/3/11 Tony White <[email protected]>: > On 11 March 2010 07:56, Lluís Batlle <[email protected]> wrote: >> I tried, and any other users in my nixos can spawn windows in my >> server, only setting DISPLAY=:0. >> >> Maybe we have something wrong for xauth, the magic auth string, or >> things like that? >> >> Regards, >> Lluís. >> >> 2010/3/11 Steve Roggenkamp <[email protected]>: >>> This is the same as my Debian installation. >>> >>> This is actually a UNIX socket the X Windows server uses for interprocess >>> communication. The socket is owned by the X windows server which runs as >>> root since it has to control the display device. The permissions allow an >>> arbitrary client to connect with the X Windows server. >>> >>> I think this is how all Linux have X Windows configured, or at least my >>> Debian and Ubuntu installations. >>> >>> I'm thinking you would have to change the Xorg code to change the >>> permissions since this socket gets opened when the Xorg server starts. Then >>> I suppose you could create a group that would be allowed to communicate with >>> the socket. I've not done that much coding with UNIX sockets, so I'd have >>> to do some research to know whether this would even be feasible. >>> >>> Hope this makes sense. >>> >>> Steve >>> >>> Lluís Batlle wrote: >>> >>> Hello, >>> >>> using kdm, I found this: >>> $ ls -l /tmp/.X11-unix/X0 >>> srwxrwxrwx 1 root root 0 7 mar 21:51 /tmp/.X11-unix/X0 >>> >>> I don't like those permissions much. Can anyone suggest a better way >>> to handle that in nixos? Why it has permissions 777 and ownership >>> rooot? >>> >>> Regards, >>> Lluís. >>> _______________________________________________ >>> nix-dev mailing list >>> [email protected] >>> https://mail.cs.uu.nl/mailman/listinfo/nix-dev >>> >>> >>> >>> _______________________________________________ >>> nix-dev mailing list >>> [email protected] >>> https://mail.cs.uu.nl/mailman/listinfo/nix-dev >>> >>> >> _______________________________________________ >> nix-dev mailing list >> [email protected] >> https://mail.cs.uu.nl/mailman/listinfo/nix-dev >> > > Hi all, > Rootless X is possible but your prerequisite is a KMS capable driver : > http://lists.x.org/archives/xorg-devel/2009-July/001293.html > So it it wouldn't work of everyone at this time. > > Thanks, > Tony > _______________________________________________ nix-dev mailing list [email protected] https://mail.cs.uu.nl/mailman/listinfo/nix-dev
