Re: Bug#2138: mach8 xserver is not suid root
When I started X, I got a complaint (from the server) that it was not
installed suid root.
Was 'X' a wrapper program before?
In retrospect, my problem was obviously one of a botched upgrade. My
'X' file was a symlink to XF86_Mach8.
Should the error message be changed?
Thanks, and sorry for the false alarm.
Jeff
> On Mon, 15 Jan 1996, Jeff Noxon wrote:
>
> > -rwxr-xr-x 1 root root 2301465 Dec 14 11:11 /usr/bin/X11/XF86_Mach8
> >
> > This file should be suid root.
>
> No it shouldn't. This is a feature, not a bug. If the X server is SUID
> root then it is a security hole - any user who has an account on the
> machine can implement a false login program attack trivially.
>
> In Debian, /usr/X11R6/bin/X is a small, SUID root wrapper program which
> reads /etc/X11/Xserver to find out which server to run, and who is
> allowed to run it. This program is part of the xbase package.
>
> Steve Early
> sde1000@cam.ac.uk
Reply to: