[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: coupe things RedHat does well and Debian should too

>>>>> "Jason" == Jason Gunthorpe <jgg@ualberta.ca> writes:

    Jason> This is also crazy. If you su to root the best thing to do
    Jason> is to set XAUTHORITY=/home/foo/.Xauthority. If you su to
    Jason> another user the sane thing to do is to use ssh and secure
    Jason> X forwarding. Otherwise you leak your X cookie to
    Jason> potentially evil users.

mod_xauth isn't this dumb; it only forwards the cookie when su'ing
from a non-root user to root (unless you configure it to do


Brought to you by the letters C and Y and the number 10.
"I'm with insurance."
Debian GNU/Linux maintainer of Gimp and GTK+ -- http://www.debian.org/

Reply to: