xsecurity extension?

Shaya Potter spotter at cs.columbia.edu
Mon Mar 31 18:24:50 PDT 2008


i can't seem to get "untrusted" x sessions to work, I assume its that I 
misunderstand it, but I'm really confused at the moment, any help would 
be appreciated.

for example

1) "su" to root
spotter at zaphod:~$ su -
Password:

2) setup display
zaphod:~# export DISPLAY=:0

3) run xterm, shouldn't work due to not having key
zaphod:~# xterm
Xlib: connection to ":0.0" refused by server
Xlib: No protocol specified

Warning: This program is an suid-root program or is being run by the 
root user.
The full text of the error or warning message cannot be safely formatted
in this environment. You may get a more descriptive message by running the
program as a non-root user or by removing the suid bit on the executable.
xterm Xt error: Can't open display: %s

4) add regular key

zaphod:~# xauth add :0 MIT-MAGIC-COOKIE-1 e69bb65a53a9f24e9a9eb5d917670433

5) run xterm again (it works)

zaphod:~# xterm
Warning: Cannot convert string "vlines2" to type Pixmap
(reverse-i-search)`gener': xauth generate :0 MIT-MAGIC-COOKIE-1 untrusted

6) generate a "trusted" key

zaphod:~# xauth generate :0 MIT-MAGIC-COOKIE-1 trusted

7) run xterm again (it works)

zaphod:~# xterm
Warning: Cannot convert string "vlines2" to type Pixmap

8) generate an untrusted key

zaphod:~# xauth generate :0 MIT-MAGIC-COOKIE-1 untrusted

9) run xterm again (it doesn't work)

zaphod:~# xterm
X Error of failed request:  BadAtom (invalid Atom parameter)
   Major opcode of failed request:  20 (X_GetProperty)
   Atom id in failed request:  0x17
   Serial number of failed request:  3
   Current serial number in output stream:  3




More information about the xorg mailing list