ConsoleKit, PolicyKit, HAL, XDG_SESSION_COOKIE

Stef Bon stef at
Thu Jul 22 12:39:08 PDT 2010

  On 07/22/2010 07:33 PM, Lennart Poettering wrote:
> On Thu, 22.07.10 13:58, Julian Thomé (frostisch at wrote:
>> Hello mailing list,
>> i have a question about the interaction between HAL, ConsoleKit,
>> PolicyKit and the environment variable XDG_SESSION_COOKIE.
>> As described in the documentation of ConsoleKit, the session-leader(gdm,
>> kdm) asks the ConsoleKit Daemon to open a new session. The ConsoleKit
>> Daemon returns the secret cookie to the session-leader.
>> The Console-Kit Daemon also determine which session is currently active
>> and can take control of the hardware of the Seat.
> Note that the secret cookie i actually not secret at all. It is
> generated from a pseudo-random generator, from the current time and the
> local machine uuid. It is trivial to guess for subsequent logins if you
> logged in at least once. Just use the pseudo-random generator to calc he
> next value form the one you got assigned and figure out the login time
> from in utmp and you have the cookie.
> I think the XDG_SESSION_COOKIE should go away and be replaced by the
> audit session id as maintained by the kernel, which however has slightly
> different semantics.

Why do you think that?
What is the audit session id anyway?

Stef Bon
Voorburg (near Den Hage, Holland)

More information about the dbus mailing list