Session Management Proposal
George
jirka at 5z.com
Sat Jan 3 23:12:42 EET 2004
On Sat, Jan 03, 2004 at 06:58:33PM +0100, Oswald Buddenhagen wrote:
> > 1) get rid of the authentication bullshit, start one main socket say:
> > /tmp/.dm-sockets/main for the unauthenticated stuff and then
> > per-display sockets like /tmp/.dm-sockets/:0 for the stuff that
> > requires authentication (console authentication currently). That
> > way this can be done with unix permissions rather then the cookie
> > juggling.
> >
> as much as i'd like to agree with this ... i read in some man page, that
> some systems simply ignore file permissions on socket nodes. depending
> on which systems are affected, we or those systems are screwed ...
Maybe that's why I did it this way originally, I can't remember :) OK, must
do authentication using cookies then. Oh well. Could we add to the spec
that authors of such systems should be ritualistically tortured and pictures
posted on slashdot?
> > 2) There should be a way to query available 'commands' so that a client
> > can see what the DM can and can't do, and this will allow gdm and kdm
> > specific commands. Or dm-specific extended commands.
> >
> yeah, just like imap does, i think: the initial greeting identifies the
> manager incl. (protocol) version and lists supported capabilities. an
> explicit capability command would be possible as well, but i'm not sure
> we need that.
Yeah, that's good as well. And it really makes more sense since you should
always I suppose check the capabilities anyway. Currently in GDM you use only the
version number of GDM itself since it's not a 'standard' protocol.
George
--
George <jirka at 5z.com>
History teaches us that men and nations behave wisely
once they have exhausted all other alternatives.
-- Abba Eban, 1970
More information about the xdg
mailing list