Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience

To: debian-user@lists.debian.org
Subject: Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
From: "Steve Litt of Troubleshooters.Com" <littdom@gmail.com>
Date: Fri, 21 Mar 2014 13:35:37 -0400
Message-id: <[🔎] 20140321133537.5e3e923b@mydesk>
In-reply-to: <[🔎] lghej2$ven$1@ger.gmane.org>
References: <[🔎] CAOsGNSSDt+5w-tEAiJNkFNkL0TMcLF4LjUiOkkW+oXDFiei2pQ@mail.gmail.com> <[🔎] 20032014141516.0992330632ae@desktop.copernicus.demon.co.uk> <[🔎] 20140321092421.GA15054@bryant.redmars.org> <[🔎] 20140321095203.GB4030@copernicus.demon.co.uk> <[🔎] 20140321102454.GA16657@bryant.redmars.org> <[🔎] 21032014103947.7b37bc831857@desktop.copernicus.demon.co.uk> <[🔎] CAOZWb-q+WwdAdB6Nz0RrHPRqvmZC0_Y3oi36V55A2H7yRFO9OQ@mail.gmail.com> <[🔎] 20140321111818.GB10490@darac.org.uk> <[🔎] 21032014113647.c62190855751@desktop.copernicus.demon.co.uk> <[🔎] lghej2$ven$1@ger.gmane.org>

On Fri, 21 Mar 2014 14:25:14 +0100
"Valerio Vanni" <valerio@valeriovanni.com> wrote:

> "Brian" <ad44@cityscape.co.uk> ha scritto nel messaggio
> [🔎] 21032014113647.c62190855751@desktop.copernicus.demon.co.uk">news:[🔎] 21032014113647.c62190855751@desktop.copernicus.demon.co.uk
> 
> > For the situation when X is started with startx would 'startx &
> > exit' prevent the termination of an X session even if CTRL+ALT+FN
> > etc gets console access?
> 
> I've always used "startx & exit", and it works perfectly.
> It doesn't prevent the termination of an X session, but if it's
> terminated you get a logon prompt as if you had just booted the
> machine.

I just tried both:

startx & exit

startx; exit

The former logs out of the original bash session immediately, running X
in the background, so you see no stdout from X. I don't know where it
goes.

The latter shows the stdout from X, but when you leave X, whether
normally from Xfce or by Ctrl+C'ing in tty1, it automatically logs out
of the bash session and leaves you at the login prompt.

I guess the choice between these two depends on how valuable you think
it is to see the stdout from X (for debugging, presumably), how worried
you are about where all that stdout is going if X is run in the
background, how worried you are that somebody could find a way of
killing X and simultaneously preventing the exit to happen.

To cure my paranoia of having stdout going to an unknown place, I made
the following executable /usr/local/bin/exx:

==========================
#!/bin/bash
startx > /dev/null & exit
==========================

I invoke it like this:

. exx

I think that dot space before the command is similar to "exec", which
runs it in the current process, so the current process, rather than a
spawned process, is what gets exited. It appears to work perfectly,
logging out tty1 the instant X is up and running.

I didn't plan this, but this 2 line shellscript has the added benefit
that if I forget the dot, and forgetting it would leave the bash
session open, it tells me I don't have privileges to run X, and refuses
to run X. So I can't make a dumb mistake.

I'm probably going to start using this exx script on all my Debian
computers.

Thanks,

SteveT

Steve Litt                *  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance

Reply to:

Follow-Ups:
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Vincent Lefevre <vincent@vinc17.net>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Jörg-Volker Peetz <jvpeetz@web.de>

References:
- Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Zenaan Harkness <zen@freedbms.net>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Brian <ad44@cityscape.co.uk>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Jonathan Dowland <jmtd@debian.org>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Brian <ad44@cityscape.co.uk>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Jonathan Dowland <jmtd@debian.org>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Brian <ad44@cityscape.co.uk>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Robin <rc.rattusrattus@gmail.com>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Darac Marjal <mailinglist@darac.org.uk>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: Brian <ad44@cityscape.co.uk>
- Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
  - From: "Valerio Vanni" <valerio@valeriovanni.com>

Prev by Date: Lightdm doesn't start after using the lightdm-webkit-greeter
Next by Date: OT: Toshiba laptop suitability
Previous by thread: Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
Next by thread: Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
Index(es):
- Date
- Thread