RE: Newbee-ish X and root question

To: "'Vineet Kumar'" <debian-user@virtual.doorstop.net>, debian-user@lists.debian.org
Subject: RE: Newbee-ish X and root question
From: "deFreese, Barry" <Barry.deFreese@nike.com>
Date: Tue, 25 Mar 2003 15:56:10 -0800
Message-id: <[🔎] 2D14766B2568D611A80B0008C733F3DD01632224@foothill-svr-03.nike.com>

> -----Original Message-----
> From: Vineet Kumar [mailto:debian-user@virtual.doorstop.net]
> Sent: Tuesday, March 25, 2003 2:12 PM
> To: debian-user@lists.debian.org
> Subject: Re: Newbee-ish X and root question
> 
> 
> Two things.  Environment variables, to be precise.  The two 
> in question
> are DISPLAY and XAUTHORITY.  The former tells X clients where the
> display is (after all, it could be another X server on this 
> machine, or
> another machine entirely ... it s X after all =).  The latter tells X
> clients how to authenticate themselves to that display.  Your 
> display is
> smart enough to not just allow anybody that tries to connect 
> to it.  The
> dangers of such actions are greater than just anybody being able to
> display nasty pictures on your screen, but also to take more control
> over your X session's behavior, such as changing the way your pointer
> and/or keyboard behave.  Note that using xhost generally leaves your
> arse wide open like this, which is why You Should Never Use 
> Xhost.  (If
> you don't know what xhost is, great.  Just know that if anybody ever
> tells you to use it, they're giving you bad advice.)
> 
> The XAUTHORITY environment variable points to a file in which a 'magic
> cookie' is stored.  The X server won't allow any client to 
> connect if it
> doesn't know the magic cookie.  When you 'su -m', your 
> original XAUTHORITY
> environment variable is still present in root's environment.  This
> points at a file in your non-root-user's home directory.  Since you're
> now root, you have permission to read that file and get the 
> magic cookie
> contained inside.  The corollary is that this method won't 
> work (without
> a minor adjustment) when using 'su -m' to become another 
> non-root user.
> For that, you can either use the xauth tool or modify the 
> permissions on
> your xauthority file to allow the other user to read it.  (Or you can
> manually give them the cookie, which is basically something that xauth
> will help you do less manually.)
> 
> good times,
> Vineet
> -- 
> http://www.doorstop.net/
> -- 
> "If we do not believe in freedom of speech for those we 
> despise we do not
> believe in it at all."  --Noam Chomsky
>

Vineet,

Good information, thanks for that!!

Barry deFreese
Technology Services Manager
Nike Team Sports
(949)-616-4005
Barry.deFreese@nike.com

"Technology doesn't make you less stupid; it just makes you stupid faster."
Jerry Gregoire - Former CIO at Dell

Reply to:

Prev by Date: Re: Convincing someone to switch to Linux
Next by Date: Re: smartsuite obsolete?
Previous by thread: RE: Newbee-ish X and root question
Next by thread: updating KDE menus
Index(es):
- Date
- Thread