On Tue, 03 Nov 1998 18:13:54 +1100, David Dawes wrote: > I assume from this list that you don't have a real solution? We've all > seen the "potential" solutions before. The problem doesn't still exist > because nobody cares about it. It still exists because nobody has, to > my knowledge, found a real solution to it. I consider a solution that leaves my X session open to eavesdropping and manipulation worse than a hack that's advertised as breaking some minor things but going to go away as soon as a better solution is found. Second, not all approaches necessarily break things. 1. Unix domain sockets could easily abandoned with, provided XOpenConnection clandestinely maps "unix:0" to "localhost:0". 2. If making /tmp/.X11-unix mode 711 breaks servers that are not setuid root, why not at least protect the ones that are? How many X servers typically get installed on a single machine? AFAIK, most Unix vendors have been able to come up with a solution. Not a universal one, but one that works for their servers, and apparently doesn't break XOpenConnection big time. Olaf -- Olaf Kirch | --- o --- Nous sommes du soleil we love when we play okirat_private | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:22:12 PDT