Bug#4233: startx does not initialize X cookies
The startx script does not initialize the X Magic Cookies when
X is started up. This can be a significant security hole.
I would suggest adding a line like
xauth add :0 . `dd if=/dev/urandom count=1 bs=16 | md5sum`
to startx (ok, so md5sum is merely the fastest way to get
a correctly formatted string - possibly od can be persuaded with
the right options, or somebody can write a Perl script).
Thomas Koenig, Thomas.Koenig@ciw.uni-karlsruhe.de, firstname.lastname@example.org.
The joy of engineering is to find a straight line on a double