> Date: Mon, 13 Jan 2003 10:08:50 -0500 (EST)
> From: "Mike A. Harris" <[EMAIL PROTECTED]>
> Sender: [EMAIL PROTECTED]
> 
> On Mon, 13 Jan 2003, Dr Andrew C Aitchison wrote:
> 
> >> (on my Debian 3.0 XFree86 has the mode bits 4711 -- there's no need for
> >> anybody to read the binary and it makes harder, in principle, for Evil
> >> Hackers to look for holes in it if they can't read it)
> >> 
> >> I still think it would be great if the X server gave an error message
> >> along the above lines -- it would even know whether the chown or chmod
> >> command could be left out (if either the owner or the suid bit was already
> >> correct).
> >
> >It isn't clear what the "correct" permissions are.
> >Setting the "sticky" or suid bit (the 4 in chmod 4711) makes the machine
> >slightly less secure, so you don't set it unless you need to.
> 
> The sticky bit, and the suid bit are 2 different things.  Also,
> in Linux systems, the sticky bit only has a meaning on
> directories, but not on regular files.  The sticky bit on 
> directories has the effect of making files only deletable, etc.
> by the owner of the files in that directory.
> 
> For the benefit of others who might be reading this and are
> unfamiliar with the somewhat mysterious sticky bit, here's a snip
> from man chmod:
> 
> STICKY FILES
>        On  older  Unix  systems,  the sticky bit caused executable files to be
>        hoarded in swap space.  This feature is not useful on  modern  VM  sys-
>        tems, and the Linux kernel ignores the sticky bit on files.  Other ker-
>        nels may use the sticky bit on files for system-defined purposes.   On
>        some systems, only the superuser can set the sticky bit on files.
> 
> 
> >Many distributions come configured to start X with xdm, kdm or
> >gdm. In that case the suid bit isn't needed, since these
> >programs are already running as root. You only need that bit if
> >you need to allow ordinary users to run startx. On many systems
> >you don't need to do that, so it is reasonable for Red Hat and
> >Debian to ship XFree86 with the bit not set.
> 
> The setuid bit is required to start the server as non-root as 
> you've said, however if one is concerned about security on a 
> machine, one should not be running X as root at all on the 
> machine, and so making the X server mode 755 so it is only 
> useable by root, doesn't gain anything securitywise.
> 
> Running X as a normal user is by far much more secure than 
> running it as root, as the X server gives up its privileges
> after it does the things it requires root privileges for at
> startup time.
> 
> Any machine requiring more security than that, shouldn't have X 
> installed on it at all (IMHO).


The original poster did not say what OS he was running, but FreeBSD
never installs the X server SUID. Instead it uses a separate Xwrapper
which is SUID and greatly limits the amount of code executing at
elevated privs.

This is all a "good thing", but the wrapper must be re-built and
installed every time a new server is installed.

R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: [EMAIL PROTECTED]                  Phone: +1 510 486-8634
_______________________________________________
XFree86 mailing list
[EMAIL PROTECTED]
http://XFree86.Org/mailman/listinfo/xfree86
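
The check proposed in the quoted messages (report which of chown and chmod is still needed for a setuid-root server binary), written out in Python as an added example; it is not XFree86 code and not code from any poster in this thread. The function names and the placeholder path are assumptions, and the rule that chmod must follow chown reflects Linux behaviour.

```python
import os
import shlex
import stat


def special_bits(mode):
    """Name the special bits in a mode value: 04000, 02000 and 01000."""
    flags = ((stat.S_ISUID, "setuid"), (stat.S_ISGID, "setgid"),
             (stat.S_ISVTX, "sticky"))
    return [name for bit, name in flags if mode & bit]


def startx_fixes(mode, uid, path):
    """Commands still needed before `path` is setuid root, in run order."""
    quoted = shlex.quote(path)
    cmds = []
    if uid != 0:
        cmds.append(f"chown root {quoted}")
    # Linux clears the setuid bit when an executable's owner changes, so a
    # chown must be followed by chmod even if the bit was set beforehand.
    if uid != 0 or not mode & stat.S_ISUID:
        cmds.append(f"chmod u+s {quoted}")
    return cmds


def excess_access(mode):
    """Permission bits a setuid binary does not need."""
    notes = []
    if mode & (stat.S_IWGRP | stat.S_IWOTH):
        notes.append("writable by group or other")
    if mode & (stat.S_IRGRP | stat.S_IROTH):
        notes.append("readable by group or other (4711 removes this)")
    return notes


def audit(path):
    """Inspect a real file: (octal mode, special bits, fixes, notes)."""
    st = os.stat(path)
    mode = stat.S_IMODE(st.st_mode)
    return (f"{mode:04o}", special_bits(mode),
            startx_fixes(mode, st.st_uid, path), excess_access(mode))


if __name__ == "__main__":
    # Constructed samples: (mode, owner uid); the path is a placeholder.
    for mode, uid in ((0o4711, 0), (0o755, 0), (0o4755, 1000), (0o1777, 0)):
        print(f"{mode:04o} uid={uid}", special_bits(mode),
              startx_fixes(mode, uid, "/path/to/XFree86"),
              excess_access(mode))
```
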