Moblin 2.0 To Not Run X Server As Root
Intel's Arjan van de Ven has fired off an email letting us know that Moblin 2.0 will have its X Server running without root privileges. The first feature of their new "Moblin Secure X project" is to integrate NRX technology, which we take to mean "No-Root X" and is described as "NRX is a set of OS changes and patches that makes it possible to no longer run the X server as the privileged 'root' user." Just last week we reported on a root-less X Server nearing reality.
Traditionally the X Server has been run as root so that it can communicate directly with the graphics hardware, but with the mainlining of kernel mode-setting, it's now easily possible to run the X Server without root privileges. As Moblin is designed specifically for Intel-powered netbooks and nettops with Atom processors that often carry the Intel 945 graphics, this switch over is easy considering the stabilized Intel KMS support. Kernel mode-setting support for ATI is still settling and the NVIDIA support is still a ways out with the Nouveau driver, but that really isn't important for Moblin. As such, Moblin 2.0 is poised to be the first production distribution shipping with the X Server running with only user privileges.
Arjan concluded, "The Moblin Secure X project is also working on other technologies to further improve the security of the Moblin graphics software stack." He had not elaborated on any other work taking place.
Moblin 2.0 is also special for its very impressive GUI that is written in Clutter as well as offering very fast boot times.
Traditionally the X Server has been run as root so that it can communicate directly with the graphics hardware, but with the mainlining of kernel mode-setting, it's now easily possible to run the X Server without root privileges. As Moblin is designed specifically for Intel-powered netbooks and nettops with Atom processors that often carry the Intel 945 graphics, this switch over is easy considering the stabilized Intel KMS support. Kernel mode-setting support for ATI is still settling and the NVIDIA support is still a ways out with the Nouveau driver, but that really isn't important for Moblin. As such, Moblin 2.0 is poised to be the first production distribution shipping with the X Server running with only user privileges.
Arjan concluded, "The Moblin Secure X project is also working on other technologies to further improve the security of the Moblin graphics software stack." He had not elaborated on any other work taking place.
Moblin 2.0 is also special for its very impressive GUI that is written in Clutter as well as offering very fast boot times.
21 Comments