Re: [gdm-list] Why do GDM 2.22.0 set xauth file owner as login user



Hi,

> Then I believe GDM calls the function gdm_auth_user_add to ensure
> that the user's $HOME/.Xauthority file to contain the key.  It
> seems better for GDM to honor the user's file rather than setting
> XAUTHORITY to /var/run/gdm and then loosening permissions on this
> directory.

What do you mean by "honor the user's file" ? We control where the
user's file is via the XAUTHORITY environment variable.  GDM isn't a
consumer of the X authority file, it's the producer.

Note also, we aren't loosening any permissions.  GDM's auth cookie
file is only readable by it.

--Ray


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]