1 |
On Mon, 31 Dec 2012 22:06:00 +0800 |
2 |
kwkhui@××××.net wrote: |
3 |
|
4 |
> > That already has a de-facto answer; USE="suid" must be on by default |
5 |
> > as without it users cannot run a desktop (xorg-server does not yet |
6 |
> > run without root permissions) |
7 |
|
8 |
I use some hackery to run startx on some systems as a normal user on |
9 |
linux and without suid. The only important things that break on these |
10 |
systems is hotplugging mice etc. and which could be quite easily fixed |
11 |
if it was worth the time. I've found a log out triggering a relaunch |
12 |
good enough with 0 complaints for now. |
13 |
|
14 |
> |
15 |
> But(!) if one uses a login manager, xorg server would only be ever be |
16 |
> run by root, right? |
17 |
|
18 |
On Linux maybe but the default on OpenBSD is for X to run as the X11 |
19 |
user and xdm to run as root. |
20 |
|
21 |
> Hence the use flag rather than a must like, e.g., |
22 |
> sys-apps/shadow (and the question whether the dangerous suid should be |
23 |
> set in desktop profiles instead of default on even for hardened). |