From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.7.8) Gecko/20050512 Firefox/1.0.4 Description of problem: In an Enterprise environment, it is not a good idea to supply root passwords to every user in the company. Also, it is taking up too much time for admins to go around and fix every little request for display resolution changes (we have hundreds of clients) Therefore I would suggest adding a policy file for redhat-config-xfree86 that admins can set up an option (maybe in /etc/sysconfig) that either prompts for a root password or doesn't when people run this program. That way if some companies want a root password to be asked for every time, they can have that behavior, and if they don't want the root password to be asked for, they can have that behavior as well. In order for this to work, I am assuming you would have to change the configuration program to be setuid root so that you could modify the /etc/X11/XFree86 file as a non-root user even though it is a root owened file. This change request is not only for Redhat Enterprise 3, but 4, and Fedora as well. Version-Release number of selected component (if applicable): redhat-config-xfree86-0.7.7-1 How reproducible: Always Steps to Reproduce: 1. Try to change display resolution as non-root user with redhat-config-xfree86 Actual Results: Root password prompted for. Expected Results: Display resolution would be changed without having to be root. Additional info:
system-config-display modifies the X server config file directly. This is something that mandatorily requires root priveledges to run. Granting this permission to all users, or any other users would give priveledge escalation to those users, as it is possible to modify the X server configuration to gain additional priveledges. You can change the root window size using the xrandr utility as a non-root user, or by using the display properties tab. If you have users which you trust to run the X config utility, you can use "sudo" to provide limited non-root access to the command. In a future upstream X.Org X release, more and more global X server settings which are currently globally stored in xorg.conf are going to become per-user and stored in a per-user location. For the time being however, the X server configuration utilities are root-only. Closing request "WONTFIX" as implementing this would be a serious security hole in the OS.