Re: xhost +localhost has no effect [SUMMARY]

To: debian-user@lists.debian.org
Subject: Re: xhost +localhost has no effect [SUMMARY]
From: HdV@DTO.TUDelft.NL
Date: Fri, 12 Sep 2003 12:54:47 +0200 (MEST)
Message-id: <[🔎] Pine.GSO.4.44.0309121244070.14468-100000@sanders.rc.tudelft.nl>
In-reply-to: <[🔎] 20030912010419.GA8967@shorty.ca>

On Thu, 11 Sep 2003, ScruLoose wrote:

> On Tue, Sep 09, 2003 at 11:44:22PM -0400, ScruLoose wrote:
> >
> > So I want to log in to X as one regular (non-root) user, and then allow
> > a different regular user to run X apps.
> >
> >   Xlib: connection to ":0.0" refused by server
> >   Xlib: Client is not authorized to connect to Server
>
>   xauth -merge ~<xserver-user>/.xauthority
          ^                       ^

merge is a command to xauth, not an option (something like 'show' in
'apt-cache show').

The file containing the MIT-magic-cookie is named .Xauthority. Case is
important here.

> gave me a usage message, so I did:
>   xauth merge ~<xserver-user>/.xauthority
> which executed silently, but had no apparent effect.

Hmm, did you set the DISPLAY environment variable first?

Try this invocation and see what happens:

$ export DISPLAY=:0.0
$ xauth merge ~username/.Xauthority
$ some_x_app &

As far as I know this should work in almost any situation I can think
of.

>
>   xhost +local:
> did exactly what I wanted.

This effectively allows any local user to connect to your X.
Non-repudiation is gone if you do that. Please adhere to "the principle
of least privilege" if you want to keep your system secure. Stick to the
xauth method.

Grx HdV

Reply to:

References:
- Re: xhost +localhost has no effect [SUMMARY]
  - From: ScruLoose <scruloose+debuser@eastlink.ca>

Prev by Date: some tools are running as root only - no network printer access
Next by Date: cupsd user
Previous by thread: Re: xhost +localhost has no effect [SUMMARY]
Next by thread: GTK Firewall Control Center
Index(es):
- Date
- Thread