ConsoleKit, PolicyKit, HAL, XDG_SESSION_COOKIE

Lennart Poettering mzqohf at
Thu Jul 22 19:30:23 PDT 2010

On Thu, 22.07.10 21:39, Stef Bon (stef at wrote:

> >I think the XDG_SESSION_COOKIE should go away and be replaced by the
> >audit session id as maintained by the kernel, which however has slightly
> >different semantics.
> Why do you think that?

Because it is sufficient to maintain one session cookie/id. There's no
need to maintain a number of them.

Also, the current XDG_SESSION_COOKIE has really strange semantics right
now, because polkit reads it from /proc/$PID/environment. This breaks
when setproctitle is used. Also, it's not trustable
information. Everybody can just creat his own random session if he feels
like it. Since this id is supposed to be used for policy this is a bit

> What is the audit session id anyway?

Let me google that for you.



Lennart Poettering - Red Hat, Inc.

More information about the dbus mailing list