Re: Debian X package shouldn't install XDM by default
>> One advantage is better security. You don't need suid X server
>> binary. X server needs root right to be able to work with you graphic
>> card. If you use xdm it starts X server itself. Because xdm runs as
>> root it can start X server as root without making X server binary
>> suid. If you start X server via startx your X server binary have to be
>> suid.
P> I don't see an advantage there, if you have to run xdm as root,
P> then your security can be compromised by xdm.
xdm is started from init scripts, suid X server started by user.
In fisrt case program is started in relatively safe environment, in
second case environment can be very hostile.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
| Ilya Martynov (http://martynov.org/) |
| GnuPG 1024D/323BDEE6 D7F7 561E 4C1D 8A15 8E80 E4AE BE1A 53EB 323B DEE6 |
| AGAVA Software Company (http://www.agava.com/) |
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Reply to: