| 1 |
Piotr Karbowski wrote: |
| 2 |
> Hi, |
| 3 |
> |
| 4 |
> On 26/05/2020 00.34, Philip Webb wrote: |
| 5 |
>> I'ld rather you didn't. |
| 6 |
> You didn't provided any rationale for that. Running X as root is anti |
| 7 |
> pattern, especially nowadays when so little effort is required to not |
| 8 |
> have to run it as root. |
| 9 |
> |
| 10 |
> You can either enable elogind, or you can enable suid if you want to |
| 11 |
> preserve your status quo, we're talking here about defaults that user |
| 12 |
> can change if he has a reason to do so. |
| 13 |
> |
| 14 |
> -- Piotr. |
| 15 |
> |
| 16 |
|
| 17 |
As a user. |
| 18 |
|
| 19 |
[ebuild R ] x11-base/xorg-server-1.20.7:0/1.20.7::gentoo |
| 20 |
USE="elogind ipv6 libglvnd suid udev xorg -debug -dmx -doc -kdrive |
| 21 |
-libressl -minimal (-selinux) -static-libs -systemd -unwind -wayland |
| 22 |
-xcsecurity -xephyr -xnest -xvfb" |
| 23 |
|
| 24 |
I don't recall the security issue that setting comes with. As a user, |
| 25 |
I'd rather defaults be secure and if I need to make a exception, then I |
| 26 |
can do so locally. I use elogin, used the other method until the recent |
| 27 |
change, so I likely don't need it set this way. If I understand this |
| 28 |
correctly, I'm going to disable suid and use the more secure method. I |
| 29 |
think it is reasonable since most likely, most users would expect the |
| 30 |
more secure method as a default and use a login tool that works with |
| 31 |
that setting. Those who use some other method, such as manually starting |
| 32 |
X, they still have the option to set it in whatever way works for them. |
| 33 |
I do agree with the point in another post that there should be some sort |
| 34 |
of notice about the change. One that is easily seen since it can cause |
| 35 |
problems. |
| 36 |
|
| 37 |
In the middle of typing, I made the change and ran into no problems so |
| 38 |
far. I restarted the GUI and logged in just fine. |
| 39 |
|
| 40 |
Just a users perspective. |
| 41 |
|
| 42 |
Dale |
| 43 |
|
| 44 |
:-) :-) |
Archives