Re: Access Control behaves strange
On Wednesday 16 May 2001 00:35, Jens Benecke wrote:
> On Tue, May 15, 2001 at 10:48:11PM +0200, Achim Bohnet wrote:
> > On Tuesday 15 May 2001 22:16, Burkhard Perkens-Golomb wrote:
> > > During upgrade a warning appears that X starts now with "-nolisten tcp"
> > > :-) . See /etc/X11/kdm/Xservers, delete "-nolisten tcp".
> > No please don't delete it (without a good reason). The problem can be
> > solved in two other ways without any security loss. a) use ssh as
> > described earlier or b) use :0 instead of localhost:0 and su - After su -
> > you can use (put it in a script) as root:
>
> > export DISPLAY=:0
> > xauth -f ~<my-normal-user>/.Xauthority extract - $DISPLAY | xauth merge -
>
> There's an even simpler way (tho I wouldn't understand why you don't use
> ssh):
Security: direct root login not permited (never tried to figure out how
to allow root login only via localhost)
Minor: Overhead, response. Compare x app via ssh tunneling and direct :0 access.
:0 is much more responsive.
> ln -fs /home/achim/.Xauthority /root/.Xauthority
>
> That way root will always have the "Magic cookie" from X, when achim is
> logged in via X.
Because there can't be 3 /home/{achim,harald,joachim}/.Xauthority links, sig.
But for the standard 'this is my box' case you are right. Done on my Laptop.
Thanks for the tip.
>
> > > Greetings to Wuppertal from Munich,
> > Second greeting to Wuppertal from Munich, and first one from Munich to
> > Munich :)
>
> All greetings from Hamburg to Wuppertal, Munich and also Munich ;)
>
> are we provoking a pingpong here?
:)
Achim
>
>
>
> --
> Jens Benecke > "Dann nimm lieber gleich Pattex!"
> "Na, ob das was hilft - der Hersteller ist schließlich eine
> Gesellschaft mit beschränkter Haftung :-)" (-- aus dem Usenet)
> http://www.hitchhikers.de/ - Die kostenlose Mitfahrzentrale für ganz Europa
>
----------------------------------------
Content-Type: application/pgp-signature; charset="iso-8859-1"; name="Attachment: 1"
Content-Transfer-Encoding: 7bit
Content-Description:
----------------------------------------
--
To me vi is Zen. To use vi is to practice zen. Every command is
a koan. Profound to the user, unintelligible to the uninitiated.
You discover truth everytime you use it.
-- reddy@lion.austin.ibm.com
Reply to: