ConsoleKit, PolicyKit, HAL, XDG_SESSION_COOKIE
Lennart Poettering
mzqohf at 0pointer.de
Thu Jul 22 10:33:36 PDT 2010
On Thu, 22.07.10 13:58, Julian Thomé (frostisch at yahoo.de) wrote:
> Hello mailing list,
>
> i have a question about the interaction between HAL, ConsoleKit,
> PolicyKit and the environment variable XDG_SESSION_COOKIE.
>
> As described in the documentation of ConsoleKit, the session-leader(gdm,
> kdm) asks the ConsoleKit Daemon to open a new session. The ConsoleKit
> Daemon returns the secret cookie to the session-leader.
> The Console-Kit Daemon also determine which session is currently active
> and can take control of the hardware of the Seat.
Note that the secret cookie i actually not secret at all. It is
generated from a pseudo-random generator, from the current time and the
local machine uuid. It is trivial to guess for subsequent logins if you
logged in at least once. Just use the pseudo-random generator to calc he
next value form the one you got assigned and figure out the login time
from in utmp and you have the cookie.
I think the XDG_SESSION_COOKIE should go away and be replaced by the
audit session id as maintained by the kernel, which however has slightly
different semantics.
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the dbus
mailing list