systemd: please stop trying to take over the world :)
Adam Jackson
ajax at redhat.com
Wed Jun 15 13:40:42 UTC 2011
On Tue, 2011-06-14 at 21:23 -0500, Dan Williams wrote:
> systemd might be happy if you change it later, but other stuff is not.
> The canonical example is X, where the hostname was used as the xauth key
> to allow you to actually talk to the X server. When the hostname
> changed, there was no authorization for the new hostname in your xauth
> file, so starting new apps would silently fail. Basing *anything* like
> that on your machine hostname is just stupid. It might work for you,
> but it doesn't work for lots of other people, so lets fix it for
> everyone. And we did back in the F10 timeframe
> with /etc/X11/xinit/xinitrc.d/localuser.sh where we just let any local
> user connect, since that's exactly what xauth's hostname thing was
> supposed to do anyway.
To clarify, we allow local connections where the UID of the connecting
process matches the one specified in the xhost call (which is run after
you've established a session, so you know the UID of the user whose
session is trying to connect). Dan's statement could be read that we
allow connections from any local user at all, which is definitely not
true.
- ajax
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20110615/3b872c8c/attachment.bin
More information about the devel
mailing list