On Mon, 31 Dec 2012 22:06:00 +0800 kwk...@hkbn.net wrote: > > That already has a de-facto answer; USE="suid" must be on by default > > as without it users cannot run a desktop (xorg-server does not yet > > run without root permissions)
I use some hackery to run startx on some systems as a normal user on linux and without suid. The only important things that break on these systems is hotplugging mice etc. and which could be quite easily fixed if it was worth the time. I've found a log out triggering a relaunch good enough with 0 complaints for now. > > But(!) if one uses a login manager, xorg server would only be ever be > run by root, right? On Linux maybe but the default on OpenBSD is for X to run as the X11 user and xdm to run as root. > Hence the use flag rather than a must like, e.g., > sys-apps/shadow (and the question whether the dangerous suid should be > set in desktop profiles instead of default on even for hardened).
