Here's the issue, as I understand it... To get reasonable graphics performance, you can't afford system calls. So the X server has, from the beginning, mapped the graphics hardware into its address space, and directly manipulated them itself. Trust us, this is really true.... X does *MILLIONS* of operations/second on current hardware.
Ok, in principle this isn't a killer: sanely designed graphics and computer hardware would (and has on occasion) no way to touch memory except that of the processes using it. Unfortunatly, most PC graphics hardware is not sane: the AGP bus gives you the opportunity (if you are hardware) to do just about anything you like to any byte of your physical RAM. So if you have access to the graphics hardware, you have license to write any byte in physical memory, and therefore are the moral equivalent of the kernel (i.e. root). Now, we can have a discussion (best on LKML), whether something other UID than root might have merit, but don't kid yourself, on the hardware you have, it would have the same effect in reality. So this is an artifact of PC hardware, not X (X would be happy to have a UID of its own, so long as it can get at the hardware). - Jim -- Jim Gettys Cambridge Research Laboratory Compaq Computer Corporation [EMAIL PROTECTED] _______________________________________________ Xpert mailing list [EMAIL PROTECTED] http://XFree86.Org/mailman/listinfo/xpert