[techtalk] Gnome question

Nils Philippsen nils at wombat.dialup.fht-esslingen.de
Sun Oct 15 18:17:59 EST 2000


On Sun, 15 Oct 2000, BobTFish wrote:

> At 14:30 15/10/00, Telsa Gwynne wrote:
> 
> >I think I was unclear. You get the graphical application fine. But
> >you have to invoke it from the command line. You can't use the GNOME
> >panel and launchers, because they are still owned by guest and will
> >run as guest. So you have to know what the program is called in order
> >to be able to start it. And GNOME menus have long names which are
> >intended to give you an idea of what the thing does, and do not
> >have the command name itself on them. That's what I meant by "do
> >them at the command line": _starting_ the app. It comes up as the
> >graphical thing.
> 
> <snip>
> 
> Ouch, that is probably a bad thing(Tm).. I assume this means you can su to 
> any local user and start xterms on your desktop?
> 
> /me shudders at the thought..

This doesn't mean that something like 'xhost +local:' or even 'xhost +'
must be in place. For instance in Red Hat Linux, this is done with some
PAM trickery so that the MIT auth cookie is installed in the .xauth file
of the user you su to. After you finish su, it will be removed.

If you don't want that behaviour, just comment out this line in
/etc/pam.d/su:

session    optional	/lib/security/pam_xauth.so

Nils
-- 
 Nils Philippsen / Berliner Straße 39 / D-71229 Leonberg // +49.7152.209647
nils at wombat.dialup.fht-esslingen.de / nils at fht-esslingen.de / nils at redhat.de
   The use of COBOL cripples the mind; its teaching should, therefore, be
   regarded as a criminal offence.                  -- Edsger W. Dijkstra






More information about the Techtalk mailing list