Gentoo Archives: gentoo-user

From: John Covici <covici@××××××××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] xorg-server without suid still runs as root?
Date: Thu, 25 Jun 2020 14:20:50
Message-Id: m38sgbcjmf.wl-covici@ccs.covici.com
In Reply to: [gentoo-user] xorg-server without suid still runs as root? by Nikos Chantziaras
1 On Thu, 25 Jun 2020 08:58:30 -0400,
2 Nikos Chantziaras wrote:
3 >
4 > There's a news item about disabling the "suid" use flag on
5 > x11-base/xorg-server, which makes it runs as a normal user rather
6 > than root. Version 1.20.8-r1 of the ebuild disables "suid" by
7 > default. After updating to that and rebooting, X still runs as
8 > root though:
9 >
10 > $ ps aux | grep X
11 > root 270 1.7 0.6 226892 107052 tty1 Ssl+ 13:52 2:08 /usr/bin/X
12 >
13 > $ emerge --info xorg-server
14 > [...]
15 > x11-base/xorg-server-1.20.8-r1::gentoo was built with the following:
16 > USE="ipv6 libglvnd systemd udev xorg -debug -dmx -doc (-elogind)
17 > -kdrive -libressl -minimal (-selinux) -static-libs -suid -unwind
18 > -wayland -xcsecurity -xephyr -xnest -xvfb" ABI_X86="(64)"
19 >
20 > Am I missing something? I'm using systemd. If it matters, the
21 > "kms" use flag in x11-drivers/nvidia-drivers is enabled.
22
23 If I do ls -l /proc/<xorg process> both of them are not root, 1 as gdm
24 and the other as me which got created after I logged in. Try doing
25 that and see what you see.
26
27 --
28 Your life is like a penny. You're going to lose it. The question is:
29 How do
30 you spend it?
31
32 John Covici wb2una
33 covici@××××××××××.com