On 2018-11-13, Markus Wichmann <nullp...@gmx.net> wrote:
> On Mon, Nov 12, 2018 at 01:14:38PM -0800, Michael Forney wrote:
>> Usually how it works is either the display server itself needs to be
>> setuid to open those input devices, or some other program (commonly
>> systemd-logind) needs to open it on its behalf. I believe Xorg with
>> systemd disabled will need to be setuid because of this.
>>
>
> I lack the words to describe how broken I think it is, to make an
> application setuid because you couldn't be arsed to set file permissions
> properly. Or at least, the words to do so in a civilised manner.

Well, you usually don't want just any process to be able to open your keyboard device and read events from it; just the display server and only when the VT it is running on is active. This is especially true on a multi-user system. So, you want opening input devices to be privileged or federated in some way. There is also a problem with DRM, since while you can become master (required for modesetting) implicitly if no other process is master, you need CAP_SYS_ADMIN to be able to issue the ioctls to drop/regain master. This makes it impossible to do VT switching properly as non-root (see https://github.com/mpv-player/mpv/issues/6184 for example).
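
The brokered option mentioned in the quoted text (another program opens the device on the display server's behalf) rests on descriptor passing: a privileged helper opens the node and hands the open descriptor to the unprivileged display server over a Unix socket. The C example below is added here for illustration and is not part of the original message or logind's code (logind hands the descriptor back over D-Bus); `send_fd`, `recv_fd` and `brokered_open_matches` are hypothetical names, and both ends run in one process with `/dev/null` standing in for an input device.

```c
#define _GNU_SOURCE /* O_CLOEXEC, MSG_CMSG_CLOEXEC */
#include <fcntl.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <unistd.h>

/* Control buffer sized and aligned for exactly one descriptor. */
typedef union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } fdbuf;
/* Broker side: attach an already-open descriptor to a one-byte message. */
static int send_fd(int sock, int fd) {
    char byte = 0;
    fdbuf ctrl = {{0}};
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctrl.buf, .msg_controllen = sizeof ctrl.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}
/* Client side: accept exactly one descriptor (close-on-exec), or return -1. */
static int recv_fd(int sock) {
    char byte;
    fdbuf ctrl;
    int fd = -1;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctrl.buf, .msg_controllen = sizeof ctrl.buf };
    if (recvmsg(sock, &msg, MSG_CMSG_CLOEXEC) != 1) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (c && c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS &&
        c->cmsg_len == CMSG_LEN(sizeof(int))) memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}
/* Demo: the "broker" end opens path; returns 1 if the peer got the same file. */
int brokered_open_matches(const char *path) {
    int sp[2], ok = 0;
    struct stat a, b;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sp) < 0) return -1;
    int src = open(path, O_RDONLY | O_CLOEXEC);
    int got = (src >= 0 && send_fd(sp[0], src) == 0) ? recv_fd(sp[1]) : -1;
    if (got >= 0 && fstat(src, &a) == 0 && fstat(got, &b) == 0)
        ok = got != src && a.st_dev == b.st_dev && a.st_ino == b.st_ino;
    if (got >= 0) close(got);
    if (src >= 0) close(src);
    close(sp[0]); close(sp[1]);
    return ok;
}
```

The receiving process never needs permission to open the node itself, so the device file can stay inaccessible to ordinary users.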