[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: X authentication and su (Re: changing framebuffer device owner during login)

Previously Joost Kooij wrote:
> luser> xauth list
> [lines with stuff, copy the "unix" one for your local display]
> luser> su - paranoid
> password:
> paranoid> export DISPLAY=:0
> paranoid> xauth add [now paste that line you just copied here]
> paranoid> /usr/bin/X11/untrusted-binary &

If it is indeed an untrusted binary you don't want it to be able to
chat with your X display anyway since it could immediately grab
another open window and start inserting commands in that. The
proper strategy is to run Xnest and run the application in that
instead.

Wichert.

-- 
  _________________________________________________________________
 /       Nothing is fool-proof to a sufficiently talented fool     \
| wichert@wiggy.net                   http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |
Reply to: