Re: user not authorized to run X, strange variant

To: Erik Steffl <steffl@bigfoot.com>
Cc: debian-user <debian-user@lists.debian.org>
Subject: Re: user not authorized to run X, strange variant
From: sena <sena@decoy.ath.cx>
Date: Wed, 13 Dec 2000 01:01:20 +0000
Message-id: <[🔎] 20001213010120.A3957@decoy.ath.cx>
Mail-followup-to: sena <sena@decoy.ath.cx>, Erik Steffl <steffl@bigfoot.com>, debian-user <debian-user@lists.debian.org>
In-reply-to: <[🔎] 3A36A94F.13BB9727@bigfoot.com>; from steffl@bigfoot.com on Tue, Dec 12, 2000 at 02:40:15PM -0800
References: <[🔎] 3A35FF47.2D440463@bigfoot.com> <[🔎] 20001212144559.B11318@decoy.ath.cx> <[🔎] 3A36616C.1B4DF176@bigfoot.com> <[🔎] 20001212185258.A984@decoy.ath.cx> <[🔎] 3A367E06.E81BAC35@bigfoot.com> <[🔎] 20001212221903.B3063@decoy.ath.cx> <[🔎] 3A36A94F.13BB9727@bigfoot.com>

On 12/12/2000 at 14:40 -0800, Erik Steffl wrote:
>   that's the problem. the default is secure but the most typical (my
> assessment) setup cannot be made secure as you have to let anybody run
> X. what's the use of security measure that has to be disabled in most
> cases?
> 
>   so while I agree with you first sentence and your second sentence I
> certainly do not think it's nice.
> 
>   it may be possible to set it up somehow that only root & xdm or
> console user & xdm can start X but since I cannot find any docs on
> this... I'll try to search the /usr/doc when I get home... maybe there's
> some readme/faq there.
> 
OK... You have your point there...

But it's just a simple control. RootOnly/Console/Anybody. There. If you want
to control who may use X on a user basis, create a new group, add users to
that group, and chmod X to be executable only by that group...

But, for example, on my machine I don't mind if my users run X. But I don't
want that those who connect with ssh to start X. So, I use
allowed_users=console. Done.

You don't have to rely simply on Xwrapper.config to control who uses X.

Regards, sena...

-- 
sena@decoy.ath.cx, http://decoy.ath.cx/~sena/
gpg fingerprint: F20B 12A8 A8F6 FD1F 9B1D BA62 C424 8E73 DD2E 47C8

Reply to:

References:
- user not authorized to run X, strange variant
  - From: Erik Steffl <steffl@bigfoot.com>
- Re: user not authorized to run X, strange variant
  - From: sena <sena@decoy.ath.cx>
- Re: user not authorized to run X, strange variant
  - From: Erik Steffl <steffl@bigfoot.com>
- Re: user not authorized to run X, strange variant
  - From: sena <sena@decoy.ath.cx>
- Re: user not authorized to run X, strange variant
  - From: Erik Steffl <steffl@bigfoot.com>
- Re: user not authorized to run X, strange variant
  - From: sena <sena@decoy.ath.cx>
- Re: user not authorized to run X, strange variant
  - From: Erik Steffl <steffl@bigfoot.com>

Prev by Date: Debian Apache package
Next by Date: where's dexter
Previous by thread: Re: user not authorized to run X, strange variant
Next by thread: Re: user not authorized to run X, strange variant
Index(es):
- Date
- Thread