Re: Security Implications of running startx from command line - was Re: Startx: was Great Debian experience
On Mon 24 Mar 2014 at 12:37:36 +0100, Vincent Lefevre wrote:
> On 2014-03-23 21:06:55 +0100, Jörg-Volker Peetz wrote:
> > Seems I'm a little bit old-fashioned ;-)
> > According to the man-page Xsession(5) the system scripts take care of using a
> > log-file, given that you indeed don't have ~/.xinitrc .
> > So maybe the man-page of startx(1) has to be updated, since it only talks about
> > ~/.xinitrc .
>
> Because startx runs the xinitrc (either the user's one or the system
> one) and doesn't know anything about the .xsession file. Xsession files
> (including the user's .xsession) are sourced via the system xinitrc.
> Perhaps a section about Debian recommendations and default configuration
> should be added.
There was a time when startx(1) contained the advice:
Note that in the Debian system, what many people traditionally put in
the .xinitrc file should go in .xsession instead; this permits the same
X environment to be presented whether startx, xdm, or xinit is used to
start the X session. All discussion of the .xinitrc file in the
xinit(1) manual page applies equally well to .xsession. Keep in mind
that .xinitrc is used only by xinit(1) and completely ignored by
xdm(1).
It is interesting that there is not a single reference to .xinitrc in
Chapter 7 of the Debian Reference.
The only use I can think of off-hand for a .xinitrc is to avoid using
the Debian-specific Xsession if the system administrator has commented
out "allow-user-resources" in /etc/X11/Xsession.options.
Reply to: