[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#2138: mach8 xserver is not suid root

When I started X, I got a complaint (from the server) that it was not
installed suid root.

Was 'X' a wrapper program before?

In retrospect, my problem was obviously one of a botched upgrade.  My
'X' file was a symlink to XF86_Mach8.

Should the error message be changed?

Thanks, and sorry for the false alarm.


> On Mon, 15 Jan 1996, Jeff Noxon wrote:
> > -rwxr-xr-x   1 root     root      2301465 Dec 14 11:11 /usr/bin/X11/XF86_Mach8
> > 
> > This file should be suid root.
> No it shouldn't. This is a feature, not a bug. If the X server is SUID 
> root then it is a security hole - any user who has an account on the 
> machine can implement a false login program attack trivially.
> In Debian, /usr/X11R6/bin/X is a small, SUID root wrapper program which 
> reads /etc/X11/Xserver to find out which server to run, and who is 
> allowed to run it. This program is part of the xbase package.
> Steve Early
> sde1000@cam.ac.uk

Reply to: