
Re: running root X programs



> 
> I know this has been addressed before, I've tried searching the archives
> for it, but without success. 
> 
> How do you run an X program as root whilst still in a user X session? 
> 
# Date: Tue, 07 Jul 1998 16:19:01 -0500
# From: "Jens B. Jorgensen" <jjorgens@bdsinc.com>
# Organization: Business Data Services, Inc.
# MIME-Version: 1.0
# To: Will Lowe <harpo@UDel.Edu>, ej@pitnet.net,
#         Debian Users <debian-user@lists.debian.org>
# Subject: export XAUTHORITY=$(echo /var/lib/xdm/authdir/authfiles/*)
# Resent-From: debian-user@lists.debian.org
# -------------
# Will Lowe wrote:
#
# > On Tue, 7 Jul 1998 ej@pitnet.net wrote:
# >
# > > Unless explicitly told to do so using xhost, X does not allow anybody
# > > other than the person who started it to open windows on its desktop,
# > > not even root.  I could never figure out the proper syntax for xhost,
# > > however, so I usually end up just using 'xhost +' which disables all
# > > access control and then 'xhost -' when I'm done.
# >
# > That's pretty insecure.  I've seen instances where people on our campus
# > (admittedly,  a large one with relatively insecure systems anyway) have
# > had other people connect to their X displays because they'd done the
# > "xhost +" bit.  Generally more a nuisance than a real security concern,
# > but still... "xhost + localhost" is only marginally more secure ... with
# > that one,  just anyone on the x machine can connect ... so on a system
# > which distributes campus email,  that's a few thousand people here...
# >
# > Go for "sudo".
#
# Actually, it's potentially much more than a nuisance. An X client can capture 
# all your keystrokes. You do the math.
#
# To just allow root to run an X app when you're logged in as someone other than
# root do:
#
# chilin$ su
# Password:
# chilin# export XAUTHORITY=$(echo /var/lib/xdm/authdir/authfiles/*)
#
# This way you can access the server using the xauth data which only you and
# root have access to. Neato.
# Try it!
#
# - --
# Jens B. Jorgensen
# jjorgens@bdsinc.com
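
The thread contrasts 'xhost +', host-based entries such as localhost, and cookie-based access. As an added example (not code from the thread or its authors), the script below classifies the output of `xhost` so a leftover wide-open display is easy to spot. The function names and sample outputs are constructed for illustration, and the `SI:localuser:` entry type is not mentioned in the thread; it is handled because `xhost` lists such entries.

```shell
#!/bin/sh
# Added example (not from the thread). Classifies `xhost` output by how
# widely each entry opens the display. Live use: xhost | audit_xhost

# Print one finding per line of xhost output read from stdin.
audit_xhost() {
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "access control disabled"*)   # state left behind by 'xhost +'
                echo "CRITICAL: access control off, any host can connect" ;;
            "access control enabled"*|"")
                ;;                        # normal state; exceptions follow
            SI:localuser:*)               # one named local account
                echo "OK: single local user allowed: ${line#SI:localuser:}" ;;
            LOCAL:*)                      # all non-network local connections
                echo "WARN: every local user allowed" ;;
            INET:*|INET6:*)               # host-based: all users on that host
                echo "WARN: every user on host allowed: ${line#*:}" ;;
            *)
                echo "REVIEW: unrecognized entry: $line" ;;
        esac
    done
}

# Reduce the findings to the single worst severity.
worst_finding() {
    findings=$(audit_xhost)
    case "$findings" in
        *CRITICAL:*) echo CRITICAL ;;
        *WARN:*)     echo WARN ;;
        *REVIEW:*)   echo REVIEW ;;
        *)           echo OK ;;
    esac
}

# Constructed sample outputs (not captured from a real session).
SAMPLE_OPEN='access control disabled, clients can connect from any host'
SAMPLE_LOCALHOST='access control enabled, only authorized clients can connect
INET:localhost'
SAMPLE_ROOT_ONLY='access control enabled, only authorized clients can connect
SI:localuser:root'

for s in "$SAMPLE_OPEN" "$SAMPLE_LOCALHOST" "$SAMPLE_ROOT_ONLY"; do
    printf '%s\n' "$s" | worst_finding
done
```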


