Re: [gdm-list] Security?



Hi George,

> Maybe the original version of gdm cookie generation was overkill on desktop
> linux machine (note that gdm should run on more than linux, and gdm should be
> secure even when not on linux).  But this is UNDERKILL.

So just a couple of comments,

- In the local case, we probably want to rely on socket peer
credentials instead of auth cookies anyway (i.e., does the user
calling XOpenDisplay have a uid that's okay with the server)
- If you ask the X server for an auth cookie (using
XSecurityGenerateAuthorization), it will give you one back using an
algorithm very similar to the one we're using now
- In the remote case, XDMCP is pretty insecure regardless.  Everything
goes over the wire unencrypted, for instance.  So you should really
only be using it if you know you're in a secure environment.
- It wouldn't be hard to make _generate_random_bytes call
g_random_set_seed every 4 bytes (or use make our own GRand instance
each call with enough entropy for the size passed in).  I can look
into doing that.

--Ray


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]