Re: Debian X package shouldn't install XDM by default
Ilya Martynov wrote:
>
>CI> Could somebody, please, enlighten me!
>CI> I've never been able to understand what the advantage of XDM (and the
>CI> other XDM alternatives) is, over a console:
>
>CI> What's the use of all that XDM (and the like) extra cruft? The
>CI> diffrence, as I see it, is 6 letters and a ^M. My recommendation has
>CI> always been the above. But I want to see the light :)
>
>One advantage is better security. You don't need suid X server
>binary. X server needs root right to be able to work with you graphic
>card. If you use xdm it starts X server itself. Because xdm runs as
>root it can start X server as root without making X server binary
>suid. If you start X server via startx your X server binary have to be
>suid.
There's another point - if you've logged on on the console then any
random user can hit ctrl-alt-f1 to go back there, hit ctr-c or similar
and hijack your session. Despite screen locks etc...
--
Steve McIntyre, Cambridge, UK. stevem@chiark.greenend.org.uk
Getting a SCSI chain working is perfectly simple if you remember that there
must be exactly three terminations: one on one end of the cable, one on the
far end, and the goat, terminated over the SCSI chain with a silver-handled
knife whilst burning *black* candles. --- Anthony DeBoer
Reply to: