xauth confusion on MacOS 10.3.2 (can't contact local address)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

All -

I've encountered an oddity in the implementation of X11 on MacOS 10.3.2 (Panther), which is based on XFree86 4.3. I originally thought it was a bug, but I'm beginning to suspect that it's a feature of XFree86 4.3 that I don't understand. I've poked around in various newsgroups and mailing lists on the XFree86 site and elsewhere, and I can't find an explanation. I apologize in advance if this question is covered in an obvious location.

When X11 starts up, a new .Xauthority file is generated. It contains hashes for my local UNIX connection, for localhost, and for the IP address of my computer (this is at home, where I'm using the 192.168 set of intranet addresses, and I don't have a DNS server; at work, we have a DNS server, and the hostname appears instead of the IP address, but the same behavior occurs). It looks like this:

% xauth
Using authority file /Users/sam/.Xauthority
xauth> list
Sams-Computer.local/unix:0 MIT-MAGIC-COOKIE-1 1f177ca2630edfda3e2f7121f0a29c77
192.168.1.100:0 MIT-MAGIC-COOKIE-1 1f177ca2630edfda3e2f7121f0a29c77
localhost:0 MIT-MAGIC-COOKIE-1 1f177ca2630edfda3e2f7121f0a29c77

Note that all the hashes are identical. The odd thing is, not all of those host names allow me to create an xterm. My DISPLAY is :0.0. The following three work:

% xterm
% xterm -display Sams-Computer.local/unix:0
% xterm -display localhost:0.0

The following does not:

% xterm -display 192.168.1.100:0.0

Why? I'm just stumped. A correspondent on a different list pointed out that if you temporarily turn on xhost access, generate a new key for the IP address, and then turn xhost access off again, displaying to the IP address works just fine, as follows:

% xhost +192.168.1.100
192.168.1.100 being added to access control list
% xauth
Using authority file /Users/sam/.Xauthority
xauth> generate 192.168.1.100:0 .
authorization id is 94
xauth> Writing authority file /Users/sam/.Xauthority
% xhost -192.168.1.100
192.168.1.100 being removed from access control list
% xterm -display 192.168.1.100:0.0

Is there a bug lurking in this overall behavior? Or is it something important about X security I just don't get?

Thanks to all in advance -
Sam Bayer
_______________________________________________
XFree86 mailing list
XFree86@xxxxxxxxxxx
http://XFree86.Org/mailman/listinfo/xfree86
[Index of Archives]     [X Forum]     [Xorg]     [XFree86 Newbie]     [IETF Announce]     [Security]     [Font Config]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux Kernel]

  Powered by Linux