On Fri, 2009-03-13 at 13:46 -0400, Adam Jackson wrote: > Currently, if you start X without -ac and without -auth, the default > connection policy is to allow connections from localhost. In > particular, this means on every IPv[46] address, and any local > transports including unix sockets. > > I'd like to see a mode where the default policy is effectively > +si:localuser:`id -un`, which would allow connections only from the uid > that started the server. This is effectively the policy everyone's > trying to implement with xauth cookies, but cookies have to get stored > on disk somewhere which sucks for NFS and r/o images, etc. For the gdm > case, the display manager would add the real user to the access list > once they've been authed, and then remove itself and start the session > as the user. > > Normally I'd just change the default here, but I think this might be a > significant enough difference in behaviour that you should have to ask > for it. So. New -localuser option? Change the default? Bad idea, > give up, take up farming?
It sounds sensible, the only thing I'm concerned about is whether with this new default I could sudo <X app> and still get success. -- Eric Anholt e...@anholt.net eric.anh...@intel.com
signature.asc
Description: This is a digitally signed message part
_______________________________________________ xorg-devel mailing list xorg-devel@lists.x.org http://lists.x.org/mailman/listinfo/xorg-devel