Bug 3706
Summary: | font server dies without "su" | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | michael.waite |
Component: | XFree86 | Assignee: | David Lawrence <dkl> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6.0 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 1999-07-15 21:22:06 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
michael.waite
1999-06-24 14:11:46 UTC
you may run the font server as root, but this opens you up to security holes which you are trying to avoid. su is not a security hole, it has been thoroughly audited. Why are you removing it? The next release of our X packages will have XFree86-xfs depend on /bin/su. In the future, the xfs daemon may be rewritten so that it drops root privileges and becomes suid xfs / sgid xfs, but not for this release. scratch that. our next release of X will enable xfs to drop root privileges and become the 'xfs' user if that user is present, if so specified. The init script will be adjusted accordingly. Thanks for the feedback. |