On Tue, 2011-06-14 at 21:23 -0500, Dan Williams wrote:
systemd might be happy if you change it later, but other stuff is
not.
The canonical example is X, where the hostname was used as the xauth key
to allow you to actually talk to the X server. When the hostname
changed, there was no authorization for the new hostname in your xauth
file, so starting new apps would silently fail. Basing *anything* like
that on your machine hostname is just stupid. It might work for you,
but it doesn't work for lots of other people, so lets fix it for
everyone. And we did back in the F10 timeframe
with /etc/X11/xinit/xinitrc.d/localuser.sh where we just let any local
user connect, since that's exactly what xauth's hostname thing was
supposed to do anyway.
To clarify, we allow local connections where the UID of the connecting
process matches the one specified in the xhost call (which is run after
you've established a session, so you know the UID of the user whose
session is trying to connect). Dan's statement could be read that we
allow connections from any local user at all, which is definitely not
true.
- ajax