There's a news item about disabling the "suid" use flag on
x11-base/xorg-server, which makes it runs as a normal user rather than
root. Version 1.20.8-r1 of the ebuild disables "suid" by default. After
updating to that and rebooting, X still runs as root though:
$ ps aux | grep X
root 270 1.7 0.6 226892 107052 tty1 Ssl+ 13:52 2:08 /usr/bin/X
$ emerge --info xorg-server
[...]
x11-base/xorg-server-1.20.8-r1::gentoo was built with the following:
USE="ipv6 libglvnd systemd udev xorg -debug -dmx -doc (-elogind) -kdrive
-libressl -minimal (-selinux) -static-libs -suid -unwind -wayland
-xcsecurity -xephyr -xnest -xvfb" ABI_X86="(64)"
Am I missing something? I'm using systemd. If it matters, the "kms" use
flag in x11-drivers/nvidia-drivers is enabled.