On Tue, 2016-06-14 at 23:41 -0700, Keith Packard wrote: > The alternative would be to use separate X authorization data, but > unless that is protected in the file system from access by the normal > user, it offers no actual security. Hence, any program needing the > 'magic' X authorization data would need to be setuid/setgid anyways. So > we might as well simplify life by just directly checking for the special > uid or gid.
Does this imply that XDMCP users don't deserve accessibility, since we can't get a peer gid from a TCP socket? Seems suboptimal. - ajax _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: https://lists.x.org/mailman/listinfo/xorg-devel
