How exactly is the Xorg MIT-COOKIE being sent by the application to the server - does Xlib do that?

Wed Oct 31 03:30:37 UTC 2018

You can setup Xorg to listen only on a UNIX DOMAIN socket:
*Xorg -nolisten tcp -nolisten inet -nolisten inet6 -listen unix
-nolisten local  :0 -seat seat0 vt7 -novtswitch&*

The Xorg process must receive a COOKIE on this /tmp/X11/X0 and
@/tmp/X11/X0 device, that matches its cookie - it then creates an
internal CONTEXT that is associated with the cookie-senders IP:PORT IF
this were a socket (TCP etc) since we've disabled TCP, the pipe is
used but how does Xorg validate connections on that one pipe? Does it
use/generate a different token (similar to what FTP does - one port to
negotiate and another for xfer) or is the cookie passed in for every
API call the Xlib/Client makes AFTER XOpenWIndow()?

(I read those docs but I'm not an expert on Xorg and its API and it
has over 10 O'Reilly manuals so..)