166806 – root password required to change display resolution

Bug 166806 - root password required to change display resolution

Summary: root password required to change display resolution

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Enterprise Linux 3
Classification:	Red Hat
Component:	redhat-config-xfree86
Sub Component:
Version:	3.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Søren Sandmann Pedersen
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-08-25 22:18 UTC by David Meleedy
Modified:	2014-06-18 09:07 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-03-07 09:56:38 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description David Meleedy 2005-08-25 22:18:19 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.7.8) Gecko/20050512 Firefox/1.0.4

Description of problem:
In an Enterprise environment, it is not a good idea to supply root passwords
to every user in the company.  Also, it is taking up too much time for
admins to go around and fix every little request for display resolution
changes (we have hundreds of clients)

Therefore I would suggest adding a policy file for redhat-config-xfree86
that admins can set up an option (maybe in /etc/sysconfig) that either
prompts for a root password or doesn't when people run this program.

That way if some companies want a root password to be asked for every time,
they can have that behavior, and if they don't want the root password to be
asked for, they can have that behavior as well.

In order for this to work, I am assuming you would have to
change the configuration program to be setuid root so that you could modify
the /etc/X11/XFree86 file as a non-root user even though it is a root
owened file.

This change request is not only for Redhat Enterprise 3, but 4, and Fedora
as well.

Version-Release number of selected component (if applicable):
redhat-config-xfree86-0.7.7-1

How reproducible:
Always

Steps to Reproduce:
1. Try to change display resolution as non-root user with redhat-config-xfree86

Actual Results:  Root password prompted for.

Expected Results:  Display resolution would be changed without having to be root.

Additional info:

Comment 1 Mike A. Harris 2006-03-07 09:56:38 UTC

system-config-display modifies the X server config file directly.  This is
something that mandatorily requires root priveledges to run.  Granting this
permission to all users, or any other users would give priveledge escalation
to those users, as it is possible to modify the X server configuration to
gain additional priveledges.

You can change the root window size using the xrandr utility as a non-root
user, or by using the display properties tab.  If you have users which you
trust to run the X config utility, you can use "sudo" to provide limited
non-root access to the command.

In a future upstream X.Org X release, more and more global X server settings
which are currently globally stored in xorg.conf are going to become per-user
and stored in a per-user location.  For the time being however, the
X server configuration utilities are root-only.

Closing request "WONTFIX" as implementing this would be a serious security
hole in the OS.

Note You need to log in before you can comment on or make changes to this bug.