On Tuesday 09 July 2002 17:53, ���� ���������� wrote:
> On Tue, Jul 09, 2002 at 03:33:47PM +0300, George Danchev wrote:
>
> >��� � �������� �� �� ����� ������ �� ��� ������ ���� �
> >/usr/share/doc/xserver-* . ����� ���� (���� �� �����, ������� ��) ����
> >������� ����: ��������� ������ ������� �� root � home-a �� ���� ����������
> >
(�� �� �� �������� ���� ����� � ��� ���� root), �������� �������������,
> > ��� � �� ~.Xauthority. �������� ������� ���� �� ������ �� ����� �� �����
> > � /var/log/Xfree86.log. � /etx/X11/Xwrapper.config* ������ ��
> >allowed_user=console � all ...
>
>
> ��� �� �������� ����� ���� �� ������...
��, ���� �� �� ������ ���� ;-)
(���� ���� � �� � � debian specific, ���� � �� �� �)
# man Xwrapper.config
NAME
Xwrapper.config - configuration options for X server wrapper
DESCRIPTION
/etc/X11/Xwrapper.config contains a set of flags that determine some
of the behavior of Debian's X server wrapper, which is installed on the
system as /usr/X11R6/bin/X. The purpose of the wrapper, and of this
configuration file, is twofold.
Firstly, it is intended to implement sound security practices.
Since the X server requires superuser privileges, it may be unwise to permit
just any user on the system to execute it. Even if the X server is not
exploitable in the sense of permitting ordinary users to gain elevated
privileges, a poorly-written or insufficiently-tested hardware driver for the
X server may cause bus lockups and freeze the system, an unpleasant
experience for anyone using it at the time.
Secondly, a wrapper is a convenient place to set up an execution
environment for the X server distinct from the configurable parameters of the
X server itself.
Xwrapper.config may be edited by hand, but it is typically configured
via debconf, the Debian configuration tool. The X server wrapper is part
of the xserver-common Debian package, therefore the parameters of
Xwrapper.config may be changed with the command dpkg-reconfigure
xserver-common. See dpkg-reconfigure(8) for more information.
The format of Xwrapper.config is a text file containing a series of
lines of the form
name=value
where name is a variable name containing any combination of numbers,
letters, or underscore (_) characters, and value is any combination of
letters, numbers, underscores (_), dashes (-). value may also contain
spaces as long as there is at least one character from the list above
bounding the space(s) on both sides. Whitespace before and after name,value,
or the equals sign is legal but ignored. Any lines not matching the above
described legal format are ignored. Note that this specification may change
as the X server wrapper develops.
Available options are:
allowed_users
may be set to one of the following values: rootonly, console,
anybody. "rootonly" indicates that only the root user may start the X
server; "console" indicates that root, or any user whose controlling TTY is a
virtual console, may start the X server; and "anybody" indicates that any
user may start the X server.
nice_value
may be any integer in the interval [-20,19]. This is used to
set the executing X server's process priority. See nice(1).
SEE ALSO
dpkg-reconfigure(8), nice(1)
AUTHOR
This manpage was written by Branden Robinson for Progeny Linux
Systems, Inc., and Debian GNU/Linux.
Debian GNU/Linux 6 Jan 2001
Xwrapper.config(5)
> $adduser test
> [.... tintiri-mintiri, prostotii...]
> -> ����, ����� �� � �������� �� /etc/skel, �������� �� .mc, .fluxbox �
> ����� ������������ - muttrc, gtkrc, bashrc � �.�. � ".xsession". �� � ����
> ��
���� ��� ������� � skel...
>
> ������� � ���� �������..., �������....
> wishmaster login: test
> Password:
> [....tintiri-....;)]
> test@wishmaster:~$ startx
>
> ������ ��... ������ �, ������� �� ��������� (�� 2-3 �������, fluxbox;))
> � Xwrapper.config ���� �� � ������ � debconf section-� � allowed_user=
> console ����, ��� "all"...
���� ������� anybody , � �� ����� �� ���� �� ���� ��� anybody, ��� rootonly
��� console.
> ������� �� .Xauthority, ��� �� �� �� ������� �� ����� �, ���� ������ ��
> ������� �� /root?...
� X-�� �� �� ���������� ��� startx, � ���� ���� �� root � �� ������
������������� �� ������-> no luck ;-)
> > �� ��� �� ����� ������ ���� �� XFree86 ������ �� ���� � /dev/mem (����
> >����� ������) � �� ���� ������ �� � suid root, ���� �� � �� �������� ?
>
>
> ���� /usb/bin/X11/XFree86 ne e suid root. �� X e suid � sgid root...
�� ������ �� ;-) /usr/X11R6/bin/X � wrapper-a �� XFree86. ����� � �� � ���
����� ��� ���� �� ����� �� users �� ������ X-��, �� ��� ��� �� ����������
���� root �� ���� ���� startx, ������� ���� display manager ���� ����
authentification, � ���� �� ���� �� ��� ������� ���� � ����.
��� ���� ���� ������� ��������, �� �� ����� ������ ������ user � ��������� X
����� � �� ������ �� �������� ���������� ��������� root ����������, su.
http://lists.debian.org/debian-devel/2002/debian-devel-200207/msg00259.html
[���� � �� .Xauthority]
����� � �� � �� ���� ����� �� ���� �� purge � ��������� ����� ����� �� X-��
��� �����, ���� �� �� �� �������� ;-)
--
Greets,
fr33zb1
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
