Re: X11 cookie hijacker

From: Olaf Kirch (okirat_private)
Date: Thu Nov 05 1998 - 00:06:37 PST


    On Tue, 03 Nov 1998 18:13:54 +1100, David Dawes wrote:
    > I assume from this list that you don't have a real solution?  We've all
    > seen the "potential" solutions before.  The problem doesn't still exist
    > because nobody cares about it.  It still exists because nobody has, to
    > my knowledge, found a real solution to it.
    
    I consider a solution that leaves my X session open to eavesdropping
    and manipulation worse than a hack that's advertised as breaking some
    minor things but going to go away as soon as a better solution is
    found.
    
    Second, not all approaches necessarily break things.
    
     1.     Unix domain sockets could easily be abandoned, provided
            XOpenConnection clandestinely maps "unix:0" to "localhost:0".
     2.     If making /tmp/.X11-unix mode 711 breaks servers that are not
            setuid root, why not at least protect the ones that are?
            How many X servers typically get installed on a single machine?
    
    AFAIK, most Unix vendors have been able to come up with a solution.
    Not a universal one, but one that works for their servers, and
    apparently doesn't break XOpenConnection big time.
    
    Olaf
    --
    Olaf Kirch         |  --- o --- Nous sommes du soleil we love when we play
    okirat_private  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
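
An added example, not part of the message above or of any X server's code: a POSIX shell check for the restriction proposed in item 2, reporting whether a socket directory (default /tmp/.X11-unix) can be written by anyone other than its expected owner. The function name check_x11_dir and its two arguments are assumptions of this example.

```shell
#!/bin/sh
# Added example. check_x11_dir and its arguments are hypothetical names.
# Usage: check_x11_dir [DIR] [EXPECTED_OWNER_UID]
# Returns 0 when only the expected owner can create entries in DIR
# (for instance mode 711), 1 otherwise. Findings go to stdout.
check_x11_dir() {
    dir=${1:-/tmp/.X11-unix}
    want_uid=${2:-0}
    rc=0

    # A symlink here would redirect every client to another directory.
    if [ -L "$dir" ]; then echo "FAIL: $dir is a symbolic link"; return 1; fi
    if [ ! -d "$dir" ]; then echo "FAIL: $dir is not a directory"; return 1; fi

    # POSIX ls -ldn: field 1 is the mode string, field 3 the numeric owner.
    meta=$(ls -ldn "$dir" | awk '{print $1 " " $3}')
    perms=${meta% *}
    uid=${meta#* }

    if [ "$uid" != "$want_uid" ]; then
        echo "FAIL: $dir owned by uid $uid, expected $want_uid"; rc=1
    fi
    # Mode string layout: type, then rwx for owner, group, other.
    case $perms in
        ?????w*) echo "FAIL: $dir is group-writable ($perms)"; rc=1 ;;
    esac
    case $perms in
        ????????w*) echo "FAIL: $dir is world-writable ($perms)"; rc=1 ;;
    esac

    # Report entries whose owner differs from the expected owner.
    for entry in "$dir"/*; do
        [ -e "$entry" ] || continue
        e_uid=$(ls -ldn "$entry" | awk '{print $3}')
        if [ "$e_uid" != "$want_uid" ]; then
            echo "WARN: $entry owned by uid $e_uid"
        fi
    done
    return $rc
}
```

Called with no arguments it checks /tmp/.X11-unix against uid 0; WARN lines are informational and do not change the return status.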
    


