1 |
Piotr Karbowski wrote: |
2 |
> Hi, |
3 |
> |
4 |
> On 26/05/2020 00.34, Philip Webb wrote: |
5 |
>> I'ld rather you didn't. |
6 |
> You didn't provided any rationale for that. Running X as root is anti |
7 |
> pattern, especially nowadays when so little effort is required to not |
8 |
> have to run it as root. |
9 |
> |
10 |
> You can either enable elogind, or you can enable suid if you want to |
11 |
> preserve your status quo, we're talking here about defaults that user |
12 |
> can change if he has a reason to do so. |
13 |
> |
14 |
> -- Piotr. |
15 |
> |
16 |
|
17 |
As a user. |
18 |
|
19 |
[ebuild R ] x11-base/xorg-server-1.20.7:0/1.20.7::gentoo |
20 |
USE="elogind ipv6 libglvnd suid udev xorg -debug -dmx -doc -kdrive |
21 |
-libressl -minimal (-selinux) -static-libs -systemd -unwind -wayland |
22 |
-xcsecurity -xephyr -xnest -xvfb" |
23 |
|
24 |
I don't recall the security issue that setting comes with. As a user, |
25 |
I'd rather defaults be secure and if I need to make a exception, then I |
26 |
can do so locally. I use elogin, used the other method until the recent |
27 |
change, so I likely don't need it set this way. If I understand this |
28 |
correctly, I'm going to disable suid and use the more secure method. I |
29 |
think it is reasonable since most likely, most users would expect the |
30 |
more secure method as a default and use a login tool that works with |
31 |
that setting. Those who use some other method, such as manually starting |
32 |
X, they still have the option to set it in whatever way works for them. |
33 |
I do agree with the point in another post that there should be some sort |
34 |
of notice about the change. One that is easily seen since it can cause |
35 |
problems. |
36 |
|
37 |
In the middle of typing, I made the change and ran into no problems so |
38 |
far. I restarted the GUI and logged in just fine. |
39 |
|
40 |
Just a users perspective. |
41 |
|
42 |
Dale |
43 |
|
44 |
:-) :-) |