On Mon, Jan 13, 2003 at 02:01:04PM -0500, Mike A. Harris wrote: >On Mon, 13 Jan 2003, Kevin Oberman wrote: > >>> Any machine requiring more security than that, shouldn't have X >>> installed on it at all (IMHO). >> >> >>The original poster sis not say what OS he was running, but FreeBSD >>never installs the X server SUID. Instead it uses a separate Xwrapper >>which is SUID and greatly limits the amount of code executing at >>elevated privs. >> >>This is all a "good thing", but the wrapper must be re-built and >>installed every time a new server is installed. > >Red Hat Linux also shipped Xwrapper, up until someone informed me >that the XFree86 4.x server itself had incorporated the >functionality of Xwrapper into itself directly. The X server >drops priveledges after they are no longer needed also.
No, the X server doesn't drop privileges. The 4.x XFree86 server does much the same command-line and environment sanitisation as Xwrapper before doing anything else. Neither approach results in the X server running with reduced privileges though. It only helps reduce the likelihood that the command line or environment can be used to exploit a bug. It doesn't help safeguard againt other ways that user-controlled data comes into the X server. A privilege separation method, as Matthieu mentioned, would provide better protection. David -- David Dawes Release Engineer/Architect The XFree86 Project www.XFree86.org/~dawes _______________________________________________ XFree86 mailing list [EMAIL PROTECTED] http://XFree86.Org/mailman/listinfo/xfree86
