Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Running X as root
View unanswered posts
View posts from last 24 hours
View posts from last 7 days

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
PlatinumTrinity
Tux's lil' helper
Tux's lil' helper


Joined: 10 Mar 2020
Posts: 100

PostPosted: Sat Jan 02, 2021 9:11 am    Post subject: Running X as root Reply with quote

If you follow the handbook like I did you end up with a system that runs X as root. I know this is a security risk and not the suggested way to run X anymore. I am curious how one goes about running X as a regular user while still being able to use DEs like KDE. I'm probably going to re-install Gentoo this week and this time I plan on focusing on security as I'm doing it instead of just getting a working system.

How bad is it to run X as root if I've been proactive about security in other places? I'm using a single user system. I can't run Wayland because of my hardware.
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5930

PostPosted: Sat Jan 02, 2021 9:34 am    Post subject: Re: Running X as root Reply with quote

PlatinumTrinity wrote:
If you follow the handbook like I did you end up with a system that runs X as root. I know this is a security risk and not the suggested way to run X anymore. I am curious how one goes about running X as a regular user while still being able to use DEs like KDE. I'm probably going to re-install Gentoo this week and this time I plan on focusing on security as I'm doing it instead of just getting a working system.

How bad is it to run X as root if I've been proactive about security in other places? I'm using a single user system. I can't run Wayland because of my hardware.

afaik, the current recommended way to install gentoo with X is using X as root.
incase you want non-root X, install the system without X and head to https://wiki.gentoo.org/wiki/Non_root_Xorg
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
PlatinumTrinity
Tux's lil' helper
Tux's lil' helper


Joined: 10 Mar 2020
Posts: 100

PostPosted: Sat Jan 02, 2021 9:36 am    Post subject: Re: Running X as root Reply with quote

DaggyStyle wrote:
PlatinumTrinity wrote:
If you follow the handbook like I did you end up with a system that runs X as root. I know this is a security risk and not the suggested way to run X anymore. I am curious how one goes about running X as a regular user while still being able to use DEs like KDE. I'm probably going to re-install Gentoo this week and this time I plan on focusing on security as I'm doing it instead of just getting a working system.

How bad is it to run X as root if I've been proactive about security in other places? I'm using a single user system. I can't run Wayland because of my hardware.

afaik, the current recommended way to install gentoo with X is using X as root.
incase you want non-root X, install the system without X and head to https://wiki.gentoo.org/wiki/Non_root_Xorg


Thank you, not sure why that page wouldn't show up in search results. When I followed the guide last time I picked the KDE profile because I just wanted to get a working system. This time I'll do a base install and add my own USE flags. I've been trying out so many DEs and WMs I've cluttered my current install.
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5930

PostPosted: Sat Jan 02, 2021 10:38 am    Post subject: Re: Running X as root Reply with quote

PlatinumTrinity wrote:
DaggyStyle wrote:
PlatinumTrinity wrote:
If you follow the handbook like I did you end up with a system that runs X as root. I know this is a security risk and not the suggested way to run X anymore. I am curious how one goes about running X as a regular user while still being able to use DEs like KDE. I'm probably going to re-install Gentoo this week and this time I plan on focusing on security as I'm doing it instead of just getting a working system.

How bad is it to run X as root if I've been proactive about security in other places? I'm using a single user system. I can't run Wayland because of my hardware.

afaik, the current recommended way to install gentoo with X is using X as root.
incase you want non-root X, install the system without X and head to https://wiki.gentoo.org/wiki/Non_root_Xorg


Thank you, not sure why that page wouldn't show up in search results. When I followed the guide last time I picked the KDE profile because I just wanted to get a working system. This time I'll do a base install and add my own USE flags. I've been trying out so many DEs and WMs I've cluttered my current install.

so why not removing all the vms and unmerging all the DEs?
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
PlatinumTrinity
Tux's lil' helper
Tux's lil' helper


Joined: 10 Mar 2020
Posts: 100

PostPosted: Sat Jan 02, 2021 10:48 am    Post subject: Re: Running X as root Reply with quote

DaggyStyle wrote:
PlatinumTrinity wrote:
DaggyStyle wrote:
PlatinumTrinity wrote:
If you follow the handbook like I did you end up with a system that runs X as root. I know this is a security risk and not the suggested way to run X anymore. I am curious how one goes about running X as a regular user while still being able to use DEs like KDE. I'm probably going to re-install Gentoo this week and this time I plan on focusing on security as I'm doing it instead of just getting a working system.

How bad is it to run X as root if I've been proactive about security in other places? I'm using a single user system. I can't run Wayland because of my hardware.

afaik, the current recommended way to install gentoo with X is using X as root.
incase you want non-root X, install the system without X and head to https://wiki.gentoo.org/wiki/Non_root_Xorg


Thank you, not sure why that page wouldn't show up in search results. When I followed the guide last time I picked the KDE profile because I just wanted to get a working system. This time I'll do a base install and add my own USE flags. I've been trying out so many DEs and WMs I've cluttered my current install.

so why not removing all the vms and unmerging all the DEs?


Want to make a script to install Gentoo with my preferred config automatically. Need to go through it again on bare metal.
Back to top
View user's profile Send private message
asturm
Developer
Developer


Joined: 05 Apr 2007
Posts: 9315

PostPosted: Sat Jan 02, 2021 10:51 am    Post subject: Re: Running X as root Reply with quote

DaggyStyle wrote:
afaik, the current recommended way to install gentoo with X is using X as root.

In fact, no.
Code:
[ebuild   R    ] x11-base/xorg-server-1.20.10:0/1.20.10::gentoo  USE="elogind udev wayland xorg xvfb -debug -dmx -doc -ipv6 -kdrive -libressl -minimal (-selinux) -static-libs -suid -systemd -unwind -xcsecurity -xephyr -xnest"

Note "-suid" default.
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5930

PostPosted: Sat Jan 02, 2021 10:55 am    Post subject: Re: Running X as root Reply with quote

asturm wrote:
DaggyStyle wrote:
afaik, the current recommended way to install gentoo with X is using X as root.

In fact, no.
Code:
[ebuild   R    ] x11-base/xorg-server-1.20.10:0/1.20.10::gentoo  USE="elogind udev wayland xorg xvfb -debug -dmx -doc -ipv6 -kdrive -libressl -minimal (-selinux) -static-libs -suid -systemd -unwind -xcsecurity -xephyr -xnest"

Note "-suid" default.

so it is default to non-root X?
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
hedmo
Veteran
Veteran


Joined: 29 Aug 2009
Posts: 1331
Location: sweden

PostPosted: Sat Jan 02, 2021 12:30 pm    Post subject: Re: Running X as root Reply with quote

PlatinumTrinity wrote:
If you follow the handbook like I did you end up with a system that runs X as root.


PlatinumTrinity

i cannot agree with you . direct from https://wiki.gentoo.org/wiki/Handbook:AMD64/Full/Installation :


Rebooting the system

Quote:

root #exit
cdimage ~#cd
cdimage ~#umount -l /mnt/gentoo/dev{/shm,/pts,}
cdimage ~#umount -R /mnt/gentoo
cdimage ~#reboot


User administration
Adding a user for daily use

Quote:

Login:root
Password: (Enter the root password)
root #useradd -m -G users,wheel,audio -s /bin/bash larry
root #passwd larry
Password: (Enter the password for larry)
Re-enter password: (Re-enter the password to verify)


this tells me that larry is the user i need to use for daily use on the system and not root.
Back to top
View user's profile Send private message
GDH-gentoo
Veteran
Veteran


Joined: 20 Jul 2019
Posts: 1727
Location: South America

PostPosted: Sat Jan 02, 2021 2:42 pm    Post subject: Reply with quote

The funny thing is, if you use a display manager, Xorg will run as root even if x11-base/xorg-server was installed with USE=-suid, because most display managers run as root themselves, and spawn the X server without dropping privileges.

So most of the time, Xorg will run with an unprivileged effective user only if it was launched with startx.
Back to top
View user's profile Send private message
Hu
Administrator
Administrator


Joined: 06 Mar 2007
Posts: 22762

PostPosted: Sat Jan 02, 2021 6:02 pm    Post subject: Reply with quote

There is an ambiguity here around the phrase "runs X as root". Historically, the Xorg binary was setuid root and would have an effective uid of root regardless of who started it. At that time, the guidance to "not run X as root" was that you should log in as a non-root user, such as the larry user that hedmo referenced, and run your desktop that way. This would give the Xorg process root, but all your regular applications would run as larry. Recently, the standard was changed such that Xorg would not be setuid root, and "not run X as root" now means both that your applications should be larry and that your Xorg server should be larry.

DaggyStyle: yes, USE=-suid produces a non-setuid Xorg, which relies on elogind (recommended by the responsible Gentoo maintainers) or on the user managing group memberships (deprecated by the responsible Gentoo maintainers) to provide the server with sufficient privilege to operate properly.

[Edit to add italicized text for clarity.]


Last edited by Hu on Sun Jan 03, 2021 6:58 pm; edited 1 time in total
Back to top
View user's profile Send private message
Tony0945
Watchman
Watchman


Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA

PostPosted: Sat Jan 02, 2021 6:31 pm    Post subject: Reply with quote

Hu, recently I had to partition a drive and create a filesystem. I could have used command line tools with sudo or opened an xterm and run sudo gparted. gparted is in the menu but doesn't actually run because of lack of privilege. What I did was log into xdm as root and ran gparted straight from the menu. Then I logged out and re-logged in as tony to download a stage3 and do the rest of the install from an xterm. I did not access the internet as root and I think that's the main concern. What would you have done? Just curious.
Back to top
View user's profile Send private message
Hu
Administrator
Administrator


Joined: 06 Mar 2007
Posts: 22762

PostPosted: Sat Jan 02, 2021 7:37 pm    Post subject: Reply with quote

I would have used the CLI, but that's because I prefer the CLI tools over gparted, rather than any specific security concern. If I needed to use gparted, I probably would've tried to run it as root from my user's X session, because that would be less disruptive to me than starting a root X session just for that process. That is again a convenience driven choice, rather than a security driven one. I recommend against having root-owned X applications open while running anything too complicated for you to trust what it will do (browsers, games, etc.), but mixing a root X application with a session that is otherwise just xterm / $EDITOR seems fine to me.

You're correct that the main concern with logging in as root is that everything runs as root, so the user must be careful to run only programs which can be trusted with full privilege. Complex programs, such as browsers, are so complicated that the current wisdom is that they need to be sandboxed to have even less privilege than your average user shell, so running them as root goes in exactly the wrong direction. Perhaps less obviously, some GUI file managers ought not be run as root, not due to their security history, but because they can make it so easy for a bad click to do serious damage. For example, a click&drag of /lib to /home could, if not promptly corrected, have confusing and debilitating consequences. While a root shell can just as easily use mv to do this, the user is less likely to accidentally type mv ​/lib /home than they are to click on /lib, drag, and release while over /home. I picked these directories as an example because they are adjacent in the common filesystem layout, and lib is sufficiently critical that if you were to reboot before correcting the problem, your system would probably be broken enough to require a rescue session. GUI file managers do not, as far as I know, routinely include are-you-sure prompts for a move operation that does not delete data, so it falls to the user to stay out of trouble. It's easier to stay out of trouble if breaking the system requires typing a multi-word command than if it only requires a bad click&drag.
Back to top
View user's profile Send private message
Tony0945
Watchman
Watchman


Joined: 25 Jul 2006
Posts: 5127
Location: Illinois, USA

PostPosted: Sat Jan 02, 2021 9:23 pm    Post subject: Reply with quote

No, I would never browse, check e-mail or game as root. I do like the graphical presentation of gparted and by selecting things with the mouse there is less chance of a disastrous typo.
I don't use caja or anything like that, just for preference. I also like gsmartcontrol. It's easier to read. But, that's why we have choices. I'd really hate to see the command line tools go away and I suspect you would like Gentoo to keep the choice of GUI tools, even though you don't use them yourself.

Oh, the one GUI that I regularly use is "Network Neighborhood" or whatever Mate calls their version. It's just too hard to scan a long list of files on another machine without using a mouse. But I do hate icons instead of text.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum