Re: [gdm-list] Security?

From: David Zeuthen <david fubar dk>
To: Ray Strode <halfline gmail com>
Cc: Jiri Lebl <jirka 5z com>, gdm-list gnome org
Subject: Re: [gdm-list] Security?
Date: Fri, 30 Nov 2007 13:10:47 -0500

On Fri, 2007-11-30 at 13:00 -0500, Ray Strode wrote:
> Hi,
> 
> > I haven't read the code you are referencing (and the context is not
> > clear from your mail) but maybe the cookie doesn't have to be secure;
> > after all, things like
> In this case, if a user knows the cookie they can open the display and
> do damage, snoop, etc, so if we have a cookie it shouldn't be
> guessable.

Cookie is an overload word. FWIW, I wasn't talking about auth cookies...
Just ignore my message; it's now clear to me it's about auth cookies.

      David

References:
- [gdm-list] Security?
  - From: Jiri Lebl
- Re: [gdm-list] Security?
  - From: David Zeuthen
- Re: [gdm-list] Security?
  - From: Ray Strode

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]