As first feature of the "Moblin Secure X project" (a project with the aim of improving the security of the graphics stack) the Moblin project has integrated the NRX technology. NRX is a set of OS changes and patches that makes it possible to no longer run the X server as the privileged "root" user.
In Linux, the X server is traditionally run with root privileges (via the setuid-bit mechanism); this has been historically required because the X server talked directly to the graphics hardware. The root user has unlimited permissions in Linux, including the permission to add code the running kernel, read and write all files, etc. The X server is a large chunk of code, quite a bit of it dating from 20 years back, that is constantly communicating with less privileged applications. Running the X server with unlimited permissions is a security risk; with this, any security hole in the X server immediately gives an attacker full system access. With a modern graphics stack (using Kernel Mode Setting, the Graphics Execution Manager etc), the X server no longer has a fundamental requirement to directly talk to the graphics hardware. The Intel graphics team has spent time the last few weeks to sort out a few remaining issues, and now we can announce that the upcoming Moblin 2.0 distribution will be the first Linux distribution that will ship with an X server that runs with the same privileges as the logged in user, rather than as the security sensitive root user. This is a good step for the security of the Linux desktop, and is made possible due to the major re-architecting that the Linux graphics stack has undergone the last two years with the hard work from the various X community members, including employees from Intel and Red Hat. The Moblin Secure X project is also working on other technologies to further improve the security of the Moblin graphics software stack. Arjan van de Ven Moblin Architect - Open Source Technology Center Intel Corporation _______________________________________________ Moblin dev Mailing List [email protected] To manage or unsubscribe from this mailing list visit: http://lists.moblin.org/listinfo/dev or your user account on http://moblin.org once logged in. For more information on the Moblin Developer Mailing lists visit: http://moblin.org/community/mailing-lists
