X authenication (was: Another reason to prefer a real root over sudo)
Paul Sladen
ubuntu at paul.sladen.org
Mon Feb 2 19:55:55 UTC 2009
On Mon, 2 Feb 2009, Chris G wrote:
> X authentication prevents it.
The rightful owner of this desktop login might get upset if somebody else
started a key-stroke logger that connected to *their* desktop session.
X authenication stops that unless you have the right key ("Cookie").
-Paul
(If you're interested, a proper 'gksudo' innvocation, authenciated by the
current desktop used makes a copy of the .Xauthority key and sets
"XAUTHORITY=/tmp/libgksu-??????/.Xauthority" to point to it. You can do
just the same manually [with the permission of the user who's desktop
session you are hijacking/"wanting to share temporaily"]).
--
Why do one side of a triangle when you can do all three. Somewhere, GB.
More information about the ubuntu-users
mailing list