On Tue, 2011-06-14 at 21:23 -0500, Dan Williams wrote: > systemd might be happy if you change it later, but other stuff is not. > The canonical example is X, where the hostname was used as the xauth key > to allow you to actually talk to the X server. When the hostname > changed, there was no authorization for the new hostname in your xauth > file, so starting new apps would silently fail. Basing *anything* like > that on your machine hostname is just stupid. It might work for you, > but it doesn't work for lots of other people, so lets fix it for > everyone. And we did back in the F10 timeframe > with /etc/X11/xinit/xinitrc.d/localuser.sh where we just let any local > user connect, since that's exactly what xauth's hostname thing was > supposed to do anyway. To clarify, we allow local connections where the UID of the connecting process matches the one specified in the xhost call (which is run after you've established a session, so you know the UID of the user whose session is trying to connect). Dan's statement could be read that we allow connections from any local user at all, which is definitely not true. - ajax
Attachment:
signature.asc
Description: This is a digitally signed message part
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
