Default local auth policy
Adam Jackson
ajax at nwnk.net
Fri Mar 13 10:46:06 PDT 2009
Currently, if you start X without -ac and without -auth, the default
connection policy is to allow connections from localhost. In
particular, this means on every IPv[46] address, and any local
transports including unix sockets.
I'd like to see a mode where the default policy is effectively
+si:localuser:`id -un`, which would allow connections only from the uid
that started the server. This is effectively the policy everyone's
trying to implement with xauth cookies, but cookies have to get stored
on disk somewhere which sucks for NFS and r/o images, etc. For the gdm
case, the display manager would add the real user to the access list
once they've been authed, and then remove itself and start the session
as the user.
Normally I'd just change the default here, but I think this might be a
significant enough difference in behaviour that you should have to ask
for it. So. New -localuser option? Change the default? Bad idea,
give up, take up farming?
- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.x.org/archives/xorg-devel/attachments/20090313/9b55767b/attachment.pgp
More information about the xorg-devel
mailing list