[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: su/sudo cannot X



I wrote:
> Because neither X nor any X applications are secure.

Lei writes:
> True, root X session over network is insecure...

True, but not what I meant.

> What is the security concern for local root X session?

X and X applications are exceedingly complex, unaudited, and likely to be
chock full of buffer overruns, format string vulnerabilities, and other
nasties.  Consider the segfaults and memory leaks in Firefox, for example.

It only makes sense that you should want to run as little code as possible
as root.  X drags in cubic miles of it.
-- 
John Hasler 
john@dhh.gt.org
Elmwood, WI USA



Reply to: