[Tfug] Login managers and fvwm

Neil Short neshort at yahoo.com
Wed Jul 18 17:25:12 MST 2007


--- Claude Rubinson <rubinson at u.arizona.edu> wrote:

> On Sun, Jul 15, 2007 at 08:14:44AM -0700, Neil Short
> wrote:
> > startx by a non-root user considered by some to be
> > insecure and has therefore been restricted in some
> > environments (notably the BSDs). Since Debian has
> a
> > fairly strong security focus don't be surprised if
> > non-root startx eventually goes away.
> > 
> > The recommended methods for starting the graphical
> > environment is either from a display manager or
> via a
> > security wrapper, e.g.,
>
http://www.freebsd.org/cgi/url.cgi?ports/x11/wrapper/pkg-descr
> 
> Could you provide a pointer to a more detailed
> discussion.  This seems
> odd to me as startx is simply a wrapper around
> xinit.  If startx is
> too liberal in what it accepts, why not just write a
> more secure
> replacement?
> 
> Claude
> 
> __________

You are correct. This is old news and things change.
XFree86 used to have a vulnerability with non-root
startx; and the wrapper was written to handle it; but
xorg includes the wrapper code already; so it is built
in to the startx wrapper. I ran into this problem a
LONNG time ago and at that time I just got into the
habit of using display managers.

It took some tracking to find this out - since you
requested where I got my information. Now, since the
code is built into xorg nobody even thinks about it
any more.

======
Because sentence against an evil deed is not executed speedily, the human heart is fully set to do evil.
Ecclesiastes 8:11


       
____________________________________________________________________________________
Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out.
http://answers.yahoo.com/dir/?link=list&sid=396545469




More information about the tfug mailing list