Re: user not authorized to run X, strange variant
On 12/12/2000 at 14:40 -0800, Erik Steffl wrote:
> that's the problem. the default is secure but the most typical (my
> assessment) setup cannot be made secure as you have to let anybody run
> X. what's the use of security measure that has to be disabled in most
> cases?
>
> so while I agree with you first sentence and your second sentence I
> certainly do not think it's nice.
>
> it may be possible to set it up somehow that only root & xdm or
> console user & xdm can start X but since I cannot find any docs on
> this... I'll try to search the /usr/doc when I get home... maybe there's
> some readme/faq there.
>
OK... You have your point there...
But it's just a simple control. RootOnly/Console/Anybody. There. If you want
to control who may use X on a user basis, create a new group, add users to
that group, and chmod X to be executable only by that group...
But, for example, on my machine I don't mind if my users run X. But I don't
want that those who connect with ssh to start X. So, I use
allowed_users=console. Done.
You don't have to rely simply on Xwrapper.config to control who uses X.
Regards, sena...
--
sena@decoy.ath.cx, http://decoy.ath.cx/~sena/
gpg fingerprint: F20B 12A8 A8F6 FD1F 9B1D BA62 C424 8E73 DD2E 47C8
Reply to: