Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[Solved] Non root Xorg on AMD video cards
View unanswered posts
View posts from last 24 hours

Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8  
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
kajzer
l33t
l33t


Joined: 27 Nov 2014
Posts: 897

PostPosted: Thu Aug 06, 2020 4:56 pm    Post subject: Reply with quote

I think Linus said that it's a best release ever.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 16508

PostPosted: Fri Aug 07, 2020 1:15 am    Post subject: Reply with quote

Anon-E-moose wrote:
Hu, I wonder if the suid-wrapper could be enhanced to do what you envision?
It's not a very big program, starts up, makes a few decisions and then spawn the real Xorg.
Probably, although if the helper is on the far side of an execve call, then you also need to create an explicit mechanism for informing the peer of the pipe's number. When both sides are forked from the same initial process, the shared global state can provide that information. Passing that number should be easy compared to the other features requested, though. Your approach would also have the useful properties that the privileged helper is smaller and has its own ASLR load addresses, both of which could help to harden it against any exploits missed by the audit.
Ant P. wrote:
Fork-and-drop-root security is something X should've learned to do when it was still called Xfree86, IMO.
In principle, I agree. In practice, I refrained from advocating that because I do not know when the server's code reached the point that privileged operations could be well isolated. I vaguely recall that pre-KMS X servers did much of their work through relatively unchecked use of root privilege. Restructuring such a program to delegate the work to a privileged helper could have required significant invasive changes, and depending on what privileged actions the helper was required to take, may not have added much security. Converting to KMS necessarily involved improving that, since some functionality became a call to the kernel rather than a direct manipulation of video memory. I think post-KMS X servers are much better situated for this type of isolation, because they only need permission to have the kernel do the operation, rather than needing permission to perform it themselves. Presumably, the kernel enforces that the DRM client (usually the X server) not use the KMS calls to break security. That leaves the user side to ensure that the KMS client not have any other ways of breaking security, such as running the KMS client as an unprivileged user.
Back to top
View user's profile Send private message
duane
Tux's lil' helper
Tux's lil' helper


Joined: 03 Jun 2002
Posts: 146
Location: Oklahoma City

PostPosted: Sun Sep 20, 2020 2:53 pm    Post subject: Reply with quote

Hu wrote:
Anon-E-moose wrote:
Which is worse, me being in tty, video and input groups or running X the old fashioned way ie as root all the time?
video is commonly needed for access to OpenGL. tty has the drawback I mentioned above. input may allow snooping system input devices. Although X11 is vulnerable to that anyway, the X11 input weakness applies only to clients which successfully connect to the X11 server. A user in the input group could, in theory, log in remotely and snoop the X11 session of an unrelated user despite not being able to connect X11 clients to the target's session.


I just set up two of my systems with patched kernel 5.4.60, and I'm happily running X without root or dbus. My user is still part of the input group on both systems, but it's the only user with that group, so I'm guessing that snooping isn't an issue. If anyone manages to log into my id, they already own my data, so why would they need to? I don't use the tty group. Can anyone tell me if I'm missing a threat that elogind would handle significantly better?
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Goto page Previous  1, 2, 3, 4, 5, 6, 7, 8
Page 8 of 8

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum