“Due to now living in a KMS-enabled world, at least on the Intel and ATI side (the NVIDIA side is still slowly but surely coming via Nouveau), it’s rather easy to get the X Server running without any special rights. Intel’s Jesse Barnes explains on the X.Org mailing list that only a small patch is needed for the X Server and then a trivial one to the Direct Rendering Manager in the kernel.”
I remember running unprivileged Xmacppc server, about 4 years ago on NetBSD. It was unaccelerated, kinda slow, but served me well for about 8 months, on my main workstation.
Then I bought Mac Mini, only to discover that X11.app works without root too.
All administrative accounts should only ever be used for just that – administrative tasks.
Zomg DRM in the Kernel. Linus is evil!
[/jk]
Edited 2009-07-03 08:47 UTC
Brought to you by the Rendering Infrastructure Association of Awfulness
When it comes to X servers, rootless is used to mean supporting X clients in a foreign environment (something supported fine in many Windows and Mac OS X servers). I believe the correct term is ‘user mode X’
On second thought I don’t think ‘user mode X’ would work either — that would be opposed to an X server in the kernel? idk.
Try “non-privileged X” instead?
Indeed, it enable the X servers to run without the suid bit set. It’s a great improvement for security and stability.
I’ve heard lots of complaints about slipping release dates, features getting dropped from releases, etc. But I’ve got to say, the pace of change in X11 these days is highly impressive. I’m always looking forward to what’s coming next …
I was aware that e.g. OpenBSD was able to run X11 as non-root a while ago. Doubtless this new development is a more comprehensive solution but I do wonder how *BSD supported running X as a normal user process in the past … set the mode and then permanently drop privileges, perhaps? Anybody know?
I should probably just go look it up but … this is the lazyweb, right?
OpenBSD did it by using privilege separation. Ihey have a modified X server which drops privileges after it does the things it needs to be root to do. It may also be split into a small, auditable privileged program which does rootish things on behalf of the larger, unprivileged X server (like they do with SSH and some other daemons).
To me, this seems preferable to moving modesetting code into the kernel, but there may be other non-security implications to that which pushed the Linux folks in that direction.
In the past, they also had a special driver (xf86) to allow access to certain ports and memory ranges on the video card as non-root. I don’t know if they still use this, though. I haven’t run X on an OpenBSD box in years.
Edited 2009-07-06 17:49 UTC