Contributed by jose on from the improvements dept.
"OpenBSD has continued their work in leaving as little running with root privileges as possible. They committed a privilege separated version of XFree86. Now X will run mostly as an unprivileged user.Finally! A piece of software as large as X running with real privsep! And in time for 3.3, too. This is very cool. Anyone test this out yet?
UPDATE : Updated based on some comments from Henning. The move to real privsep fixes some issues that were seen in the previous non-root model.
(Comments are closed)
By AC () on
Comments
By Anonymous Coward () on
Comments
By Hugo Villeneuve () on http://EINTR.net
The XF4 cvs module contains 3 version of X which are in different subdirectories:
xc/ - 4.x
xc-old/ - 3.x (for i386 and mac68k)
xc-mit/ - very old X11R5 (for hp300)
(xc-old and xc-mit only builds the X servers, the clients comes from xc (if I understand right))
So changes in XF4 tree doesn't necessary means to Xfree 4.2.x.
By Anonymous Coward () on
By Hugo Villeneuve () on http://EINTR.net
It's in current now for Xfree86 4.2.1 (well, that's what my 2 week old -current sparc is running.
It had been a while since X was running under the pseudo-user _x11 but it was causing a few problems. With this nobody will have to revert back to running X as root to overcome the problems.
By Anonymous Coward () on
Comments
By Nathan milford () nmilford@ on mailto:nmilford@
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
He is indeed. Linux taints a system past recovery.
:-)
By Marc Espie () espie@openbsd.org on mailto:espie@openbsd.org
The version currently in OpenBSD isn't quite portable enough yet, but that should happen eventually.
By Anonymous Coward () on
By MicroMaster () MicroMaster@microbsd.org on http://www.microbsd.org/
Everyone know that MicroBSD had PrivSep for XFree86 (version 5.0.35) almost 3 years ago.
Narf!
Comments
By kremlyn () on
:-)
By MicroMaster () MicroMaster@microbsd.org on http://www.microbsd.org
It also worked perfectly with NVIDIA chipsets, but only when DRI was enabled.
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By Anonymous Coward () on
support for X back in 1992 after completing our ia64 port.
Comments
By Kung-fu Troll () kung-fu@teevee.org on http://www.teevee.org/
By Outgrope Dildo () dildo@microbsd.net on mailto:dildo@microbsd.net
PLEEZE GIVE MEEE REZZZPEEEEKT!
By Heo () on
Comments
By Me () on
Yes!
We should also ban it from booting on systems with colour video adapters! Heck, ban everything except running it headlessly, with the only access via ssh.
Prolly want to remove the keyboard, too.
Comments
By Anonymous Coward () on
how to remove keyboard / mouse
and ssh ?
it make an error and i can't
Comments
By Eeeeeewww! () on
Might want to clean the ends off the various cables and try plugging them into the matching connectors on the computer .
That's not where keyboards and mice go, young man. Wait 'til I tell your mother.
By Jeffrey () on
Banned..? Are you nuts..?
If something like that happened, I would simply have to stop using computers altogether.
OpenBSD on my workstation and my laptop! Yay! =)
It is simply the best OS for everything (including firewalls).
I will never again use anything else!
Comments
By meme () on
By Anonymous Coward () on
(I think 640k outa be enough for anyone)
By Hans Insulander () hin@hin.nu on mailto:hin@hin.nu
By zil0g () on
http://attrition.org/gallery/computing/forum/tn/ban_him.jpg.html
and
http://attrition.org/gallery/computing/forum/tn/troll.gif.html
Thank you. Please come again.
By Xeo () on
Comments
By Anonymous Coward () on
Seems rather obvious where the problem lies, in your case.
By Anonymous Something () on
Comments
By schubert () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Windows User () on
By rofl () on
By schubert () on
root 23125 0.0 0.0 1608 400 ?? I 11:04PM 0:00.00 X: [priv] (XFree86)
_x11 18096 3.2 0.0 14800 21784 ?? Ss 11:04PM 0:08.22 /usr/X11R6/bin/X vt05
Now what should clue you in here is the "[priv]" next to X. thats the child proccess with root privs that the commit message talks about.
By Jeffrey () on
It is working fine for me on OpenBSD.i386.
OpenBSD 3.3-beta
Yay!!! =)
Thanks to all of the OpenBSD developers
from Jeffrey.