Bugtraq mailing list archives
Sgi Xauthority Strangeness
From: pauld () umbc edu (Paul Danckaert)
Date: Tue, 14 Mar 1995 10:38:02 -0500
I was poking around the xdm man page (under Irix 5.3) and found the following note, which I hadn't heard very much of before: Warning for SGI installations: With X authorization on, clients can still connect to the display using shm:0, even if they are not "authorized" to do so. As a workaround for this bug, you can disable the use of the shared memory transport, by adding the -shmnumclients 0 option to the X invocation in /usr/lib/X11/xdm/Xservers (see the Xsgi man page). I checked a few machines here, and sure enough, if you can log onto the machine, you can disable their xauthority and open the display. Looking back at a 5.2 machine, it would appear to work fine there also. Now, its nice to document it in the man page, but I've not heard this mentioned before, so I thought I would pass it along.. Paul Danckaert, Systems
Current thread:
- STROBE v1.01 Super Optimised TCP port surveyor, (continued)
- STROBE v1.01 Super Optimised TCP port surveyor Julian Assange (Mar 08)
- Re: STROBE v1.01 Super Optimised TCP port surveyor Mr Martin J Hargreaves (Mar 12)
- Re: STROBE v1.01 Super Optimised TCP port surveyor Julian Assange (Mar 12)
- Re: STROBE v1.01 Super Optimised TCP port surveyor John Studarus (Mar 12)
- Re: STROBE v1.01 Super Optimised TCP port surveyor Rodney Campbell (Mar 12)
- Re: STROBE v1.01 Super Optimised TCP port surveyor Scott D. Yelich (Mar 13)
- STROBE mirror Robert M. Haas (Mar 13)
- Re: STROBE mirror Michel Lavondes (Mar 14)
- STROBE 1.02 Julian Assange (Mar 14)
- Re: STROBE 1.02 Neil Woods (Mar 22)
- STROBE v1.01 Super Optimised TCP port surveyor Julian Assange (Mar 08)
- Sgi Xauthority Strangeness Paul Danckaert (Mar 14)
- xdm and auth on Ultrix 4.4 Walter Zimmer (Mar 14)
- safe logging xterm Margarita Suarez (Mar 14)
- Re: safe logging xterm Adam Shostack (Mar 14)
- Re: safe logging xterm Robert Banz (Mar 16)
- Re: safe logging xterm Adam Shostack (Mar 16)
- Re: safe logging xterm Valdis.Kletnieks () vt edu (Mar 16)
- Re: safe logging xterm Robert M. Haas (Mar 16)
- Re: safe logging xterm Bogdan Pelc (Mar 17)
- Cancel Subscription TechnoInc () aol com (Mar 16)
- Re: Cancel Subscription Anonymous the XXIIV (Mar 16)