BUG: Xephyr broken SECURITY extension

To: mallum@o-hand.com
Cc: debian-x@lists.debian.org, asac@ubuntu.com, daniel@fooishbar.org, matthieu@bluenote.herrb.com
Subject: BUG: Xephyr broken SECURITY extension
From: Liraz <liraz@liraz.org>
Date: Fri, 27 Jun 2008 15:22:51 +0300
Message-id: <[🔎] 4864DB9B.5030408@liraz.org>

Hi,

I think I found a bug in Xephyr's support for the X SECURITY extension.

I'm using an Ubuntu packaged version of Xephyr in the xserver-xephyr
package version 2:1.4.1~git20080131-1ubuntu9.

For those of you not using Debian this version is based on the following
upstream commit (from Jan 18): b6d4cdf64f43ae805beada6122c8be2ed138742c


For some reason the server does not allow cookies were generated by
xauth (regardless of whether the cookie is a trusted or untrusted type).

Reproducing the bug::

    # create auth
    rm -f /tmp/xauth
    xauth -f /tmp/xauth add :1 . $(mcookie)

    # run xephyr with auth
    Xephyr :1 -auth /tmp/xauth &

    # set Xephyr as X server
    DISPLAY=:1

    # test
    XAUTHORITY=/tmp/xauth xterm

    # now try to connect to the server with a "generated" X
    # authorization
    rm -f /tmp/xauth2

    # generate new authorization cookie into /tmp/xauth2
    XAUTHORITY=/tmp/xauth xauth -f /tmp/xauth2 generate $DISPLAY .

    # test X connection - it fails!
    XAUTHORITY=/tmp/xauth2 xterm

I tested the same sequence of commands with the regular X server and it
worked just fine.

Note that the problem seems to be shared by Xnest as well.

Cheers,
Liraz

Reply to:

Prev by Date: xserver-xorg-video-ati_6.9.0-1_i386.changes ACCEPTED
Next by Date: Bug#488277: xserver-xorg-video-radeon: No longer uses correct resolution when a second screen is connected
Previous by thread: xserver-xorg-video-ati_6.9.0-1_i386.changes ACCEPTED
Next by thread: Bug#488277: xserver-xorg-video-radeon: No longer uses correct resolution when a second screen is connected
Index(es):
- Date
- Thread