OpenBSD security features: Difference between revisions

mention unveil(2)
nix CN and sentence since 3 years now
Line 30:
 
== X11 ==
All parts of X11 on OpenBSD are running as the user, except for the X server, which is split between a privilege-stripped X process run as root, and an X process run as the _X11 user.{{citation needed|reason=Checked by Freenode IRC users, need additional source |date=October 2017}}
 
In X11 on OpenBSD, neither the X server nor X clients normally have any escalated direct memory or hardware privileges: When driving X with the Intel(4) or Radeon(4) drivers, these normally interact with the underlying hardware via the Direct Rendering Management(4) kernel interface only, so that lowlevel memory/hardware access is handled solely by the kernel. Other drivers such as WSFB follow a similar pattern. For this reason, X11 on OpenBSD does not open up lowlevel memory or hardware access to user/root programs as is done on some other systems, and as was done in the past, which then needed the user to escalate the machdep.allowaperture setting from its default zero setting, to an unsecure setting.{{citation needed|reason=Needs additional verification, discussed on chat forums|date=October 2017}}
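
Review bot: Both X11 paragraphs still end in {{citation needed}} tags dated October 2017 whose reasons point to IRC users and chat forums, so the privilege-separation claim and the machdep.allowaperture claim remain unsourced in these lines. Either cite the manual pages the text already names (the (4) driver and kernel-interface pages) or drop the unsupported sentences. In the second paragraph, the last sentence ("For this reason, ... to an unsecure setting.") is a run-on that would read better split in two, with "lowlevel" written as "low-level" and "unsecure" as "insecure".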