Bug#292441: X wrapper, -config, -xf86config, etc
On Wed, Apr 12, 2006 at 01:33:57AM +0200, Yann Dirson wrote:
> On Wed, Apr 12, 2006 at 01:23:53AM +0300, Daniel Stone wrote:
> > > Anyway... although -xf86config is not documented any more in Xorg.1,
> > > the flag is still accepted, and then as expected I can get my
> > > server...
> >
> > -xf86config, -xorgconfig, -modulepath, and -logpath all need to be
> > added. (cf. Xorg #6213.)
>
> Hm. #6213 is about a recent issue, which surely has nothing to do
> with the issue that existed in 1997, right ? And if I understand
> well, there are available fixes for Xorg itself, so I do not see a
> need to hack the wrapper for this. What do I miss ? What is the link
> between that old issue and the new one ?
The link is that #6213 was a fix for the fact that unprivileged users
could use the -modulepath option, which allows you to say X -modulepath
~/foo, where ~/foo contains a bunch of modules with code you wrote. The
X server runs as root.
The -modulepath option didn't exist in 1997.
> The behaviour described for -*config is to allow non-root users to use
> root-defined configs. If there is a real security problem with that,
> it would be good practice to describe the issue in the Xorg manpage,
> and try to work out an alternative if a full solution cannot be found.
-*config, -modulepath and -logpath are all documented as only being
available to root. -*config and -modulepath because you can execute
arbitrary code of your choice as root; -logpath because running Xorg
-logpath /lib/ld-linux.so.1 is a good way to kill a system.
> The problem I see with that 1997 issue, is that it does not point to a
> CVE or any other security-related issue. Not even to a BTS entry.
Well, CVE didn't exist in 1997, so that would be kind of difficult.
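The restriction discussed in the message above, as an added example that is not part of the original thread and is not the Debian X wrapper's or Xorg's own code: a setuid-root launcher refuses the four options the message lists unless the invoking (real) uid is 0. The function name `first_root_only_option` is hypothetical, and exact string matching of the option names is an assumption of this sketch.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Options named in the thread as root-only: they choose which config or
 * modules the root-running server loads, or which file it writes as its log. */
static const char *const root_only_opts[] = {
    "-xf86config", "-xorgconfig", "-modulepath", "-logpath", NULL
};

/* Return the first root-only option found in argv, or NULL if the command
 * line is acceptable for this caller. real_uid must be the *real* uid
 * (getuid()): in a setuid-root binary geteuid() is 0 for every caller, so
 * checking the effective uid would restrict nobody. */
const char *first_root_only_option(int argc, char *const argv[], uid_t real_uid)
{
    if (real_uid == 0)
        return NULL;                      /* root may use every option */
    for (int i = 1; i < argc; i++) {      /* argv[0] is the program name */
        if (argv[i] == NULL)
            continue;
        for (size_t j = 0; root_only_opts[j] != NULL; j++) {
            /* Refuse even when the option's value is missing (last arg). */
            if (strcmp(argv[i], root_only_opts[j]) == 0)
                return root_only_opts[j];
        }
    }
    return NULL;
}

int main(int argc, char *argv[])
{
    const char *bad = first_root_only_option(argc, argv, getuid());
    if (bad != NULL) {
        fprintf(stderr, "%s: option %s is restricted to root\n", argv[0], bad);
        return 1;
    }
    /* The check passed; this example stops here instead of starting a server. */
    puts("arguments accepted");
    return 0;
}
```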