Default local auth policy

[Adam Jackson]

Currently, if you start X without -ac and without -auth, the default
connection policy is to allow connections from localhost.  In
particular, this means on every IPv[46] address, and any local
transports including unix sockets.

I'd like to see a mode where the default policy is effectively
+si:localuser:`id -un`, which would allow connections only from the uid
that started the server.  This is effectively the policy everyone's
trying to implement with xauth cookies, but cookies have to get stored
on disk somewhere which sucks for NFS and r/o images, etc.  For the gdm
case, the display manager would add the real user to the access list
once they've been authed, and then remove itself and start the session
as the user.

Normally I'd just change the default here, but I think this might be a
significant enough difference in behaviour that you should have to ask
for it.  So.  New -localuser option?  Change the default?  Bad idea,
give up, take up farming?

- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.x.org/archives/xorg-devel/attachments/20090313/9b55767b/attachment.pgp