> Op 28-09-15 om 23:29 schreef Philip Guenther: > > On Mon, Sep 28, 2015 at 1:31 PM, L. V. Lammert <l...@omnitec.net> wrote: > > ... > >> X has never been installed on this box, .. why now? > > > > http://www.openbsd.org/faq/faq4.html#FilesNeededX > > > > From the FAQ: > "By itself, installing X on a system does not change the risk of > external security issues." > > I might be misinterpreting "external" here, but considering some files > from the X sets[1], wouldn't the following be more accurate: "Installing > X adds one setuid root binary and some setgid non-root binaries on a > system, but apart from that does not change the risk of external > security issues."? > > [1] from xbase57.tgz and xserv57.tgz: > -rwsr-xr-x 1 root wheel 2651992 Aug 12 15:28 /usr/X11R6/bin/Xorg > -rwxr-sr-x 1 root auth 2970888 Mar 7 2015 /usr/X11R6/bin/xlock > -rwxr-sr-x 1 root utmp 594648 Aug 12 15:24 /usr/X11R6/bin/xterm
External means connetions from the outside. Since nothing from the X set will be be running, there is no risk. As to your list, the setuid binary is privsep, and the other two are privdrop. They were refactored in OpenBSD specifically to reduce risk. I think your text is a bit short. Maybe you could write up 10-20 paragraphs. Then the document will become even more unwieldly, and noone will read it. /sarc In all seriousness, I think the statement made in the FAQ is short, true, and satisfactory for 99.9% of usage cases. Extending this with concepts people must judge using outdated mindsets, will push more towards avoiding X set installs, and then lead to far greater problems with use of packages. This needs to be balanced. We don't need to make narrow claims that other systems avoid. So in summary, leave the text alone. It is doing the best it can do. The world is not perfect. We could make it more perfect by removing X support from 500 packages.... /sarc
