[Your antispam program is a bit too paranoid I think...]
On Fri, 21 Nov 1997, shegget wrote:
> Program: XF86_*, the XFree86 servers (XF86_SVGA, XF86_VGA16, ...)
> Version: Tested on XFree86 3.3.1 (current), 3.2.9 and 3.1.2.
> Other versions as well.
> OS: All
Except Debian Linux, where the X servers aren't setuid root!
> Impact: The XFree86 servers let you specify an alternate configuration
> file and do not check whether you have rights to read it.
> Any user can read files with root permissions.
One more reason to use Debian :)
On my Debian 1.3.1 + hamm upgarde (XFree86 3.3.1):
bash-2.00$ ls -l /usr/X11R6/bin/X*
- -rwsr-xr-x 1 root root 4728 Oct 18 06:58 /usr/X11R6/bin/X
- -rwxr-xr-x 1 root root 820544 Jun 20 16:41 /usr/X11R6/bin/XF86Setup
- -rwxr-xr-x 1 root root 2313580 Jul 17 15:33 /usr/X11R6/bin/XF86_S3
- -rwxr-xr-x 1 root root 1816864 Jun 20 16:41 /usr/X11R6/bin/XF86_VGA16
bash-2.00$ cd /usr/X11R6/bin/
bash-2.00$ ./X
X: you are not authorised to run the X server
bash-2.00$ dpkg -S /usr/X11R6/bin/X
xbase: /usr/X11R6/bin/X
So I suggest using this wrapper on all systems where possible.
Another solution can be running xdm, and make xdm to start the X server.
In this case you don't need the X server to be setuid root.
Slapic
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
iQCVAgUBNHoMXj1bHc+WqbNdAQFrswP/dhLdRcZaL0JhLuVK6poEZpMRZBPsm8Vl
M9Vftgw7gPz5pNEXxeDjlKUcA8iMPFIuTCATOy/iwo9WmOEPikfW8vT07zts9RiY
Wkvxt92PiCUKLsiQBY09iqN//vJBnPdH/mktKKYP8vsxdqJmlrVJWJIFlUTLoh+b
pGqPUkaM+lY=
=0LDg
-----END PGP SIGNATURE-----