[Tfug] Login managers and fvwm
Neil Short
neshort at yahoo.com
Wed Jul 18 17:25:12 MST 2007
--- Claude Rubinson <rubinson at u.arizona.edu> wrote:
> On Sun, Jul 15, 2007 at 08:14:44AM -0700, Neil Short
> wrote:
> > startx by a non-root user considered by some to be
> > insecure and has therefore been restricted in some
> > environments (notably the BSDs). Since Debian has
> a
> > fairly strong security focus don't be surprised if
> > non-root startx eventually goes away.
> >
> > The recommended methods for starting the graphical
> > environment is either from a display manager or
> via a
> > security wrapper, e.g.,
>
http://www.freebsd.org/cgi/url.cgi?ports/x11/wrapper/pkg-descr
>
> Could you provide a pointer to a more detailed
> discussion. This seems
> odd to me as startx is simply a wrapper around
> xinit. If startx is
> too liberal in what it accepts, why not just write a
> more secure
> replacement?
>
> Claude
>
> __________
You are correct. This is old news and things change.
XFree86 used to have a vulnerability with non-root
startx; and the wrapper was written to handle it; but
xorg includes the wrapper code already; so it is built
in to the startx wrapper. I ran into this problem a
LONNG time ago and at that time I just got into the
habit of using display managers.
It took some tracking to find this out - since you
requested where I got my information. Now, since the
code is built into xorg nobody even thinks about it
any more.
======
Because sentence against an evil deed is not executed speedily, the human heart is fully set to do evil.
Ecclesiastes 8:11
____________________________________________________________________________________
Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out.
http://answers.yahoo.com/dir/?link=list&sid=396545469
More information about the tfug
mailing list