Re: shutdown from gnome logout dialog
On Mon, 15 Sep 2003 23:30:30 +0200, Sven Luther wrote:
> On Mon, Sep 15, 2003 at 09:46:26PM +0200, Carlos Perelló Marín wrote:
>
>> It's not a bad idea but it has some security issues. What happens if an
>> application executes "touch $HOME/.gdm-reboot"? the user does not want
>> reboot the machine but a virus/trojan could do it without problems
>
> What about gdm passing to gnome-session a magic number or something, and
> gdm would only reboot/halt if this same magic number would be found in
> the .gdm-reboot/halt file ?
>
> As the magic number will only be known to gdm and gnome-session, it
> should be secure, unless your random number generator is compromised,
> but in these case, i suspect you are in deeper trouble anyway.
gdm could just pass on a file handle (a pipe) to the X session script
which passes that on to gnome-session. gnome-session could then use the
inherited pipe to communicate with gdm.
Not really a clean design, but it doesn't use any files :-)
--
Best Regards, | Hi! I'm a .signature virus. Copy me into
Sebastian | your ~/.signature to help me spread!
Reply to: