Re: Is "xhost +si:localuser:root" safe?
On 2014-07-22 23:11:21 +0200, Martin Steigerwald wrote:
> Am Dienstag, 22. Juli 2014, 17:48:24 schrieb Vincent Lefevre:
> > To be able to save/restore the XKB keymap in a /etc/pm/sleep.d script
> > (as a workaround for Debian bug 633849), xkbcomp needs to have access
> > to the display. The simplest solution I've found is a
> >
> > xhost +si:localuser:root
> >
> > in my .xsession file.
>
> I think more fine grained would be to use xauth extract / xauth merge.
Yes, perhaps a merge with ~root/.Xauthority
> Or just:
>
> export XAUTHORITY=/home/$USER/.Xauthority
No, this will clash with gdm3 (if I choose to use it again).
> > I thought that this would be more or less equivalent to the current
> > status as root can due pretty much anything, such as getting the
> > user's X authority file via /proc/*/environ (my sleep.d script
> > could do the same thing, but this is a rather dirty solution).
>
> Hmmm, okay, so tought about this solution. Why do you think it is dirty?
This is potentially insecure. I'm the only user of the machine, but
I want to method to still be safe if there are other users, just in
case. Some user may introduce fake XAUTHORITY values, such as a
symlink pointing to some /dev file... I don't like that.
> >
> > [*] https://lists.debian.org/debian-user/2014/05/msg00045.html
> > http://superuser.com/a/573839 (This one even says that this
> > isn't much different from a raw "xhost +"!)
>
> Well root can always set XAUTHORITY to some random user .Xauthority
> file, so I don´t see much of a difference.
The problem is that "xhost +" allows other non-root users to accede
the display of the user doing the "xhost +". "xhost +si:localuser:root"
doesn't have this problem.
--
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: