xsecurity extension?
Shaya Potter
spotter at cs.columbia.edu
Mon Mar 31 18:24:50 PDT 2008
i can't seem to get "untrusted" x sessions to work, I assume its that I
misunderstand it, but I'm really confused at the moment, any help would
be appreciated.
for example
1) "su" to root
spotter at zaphod:~$ su -
Password:
2) setup display
zaphod:~# export DISPLAY=:0
3) run xterm, shouldn't work due to not having key
zaphod:~# xterm
Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified
Warning: This program is an suid-root program or is being run by the
root user.
The full text of the error or warning message cannot be safely formatted
in this environment. You may get a more descriptive message by running the
program as a non-root user or by removing the suid bit on the executable.
xterm Xt error: Can't open display: %s
4) add regular key
zaphod:~# xauth add :0 MIT-MAGIC-COOKIE-1 e69bb65a53a9f24e9a9eb5d917670433
5) run xterm again (it works)
zaphod:~# xterm
Warning: Cannot convert string "vlines2" to type Pixmap
(reverse-i-search)`gener': xauth generate :0 MIT-MAGIC-COOKIE-1 untrusted
6) generate a "trusted" key
zaphod:~# xauth generate :0 MIT-MAGIC-COOKIE-1 trusted
7) run xterm again (it works)
zaphod:~# xterm
Warning: Cannot convert string "vlines2" to type Pixmap
8) generate an untrusted key
zaphod:~# xauth generate :0 MIT-MAGIC-COOKIE-1 untrusted
9) run xterm again (it doesn't work)
zaphod:~# xterm
X Error of failed request: BadAtom (invalid Atom parameter)
Major opcode of failed request: 20 (X_GetProperty)
Atom id in failed request: 0x17
Serial number of failed request: 3
Current serial number in output stream: 3
More information about the xorg
mailing list