Re: Security issues with abstract namespace sockets

2011-01-05 Thread Lennart Poettering
On Wed, 05.01.11 16:47, Adam Jackson (a...@redhat.com) wrote: > On Wed, 2011-01-05 at 16:33 -0500, Matt McCutchen wrote: > > On Wed, 2011-01-05 at 15:25 -0500, Adam Jackson wrote: > > > I don't have any of those. If the X server is running as root (like in > > > the gdm case) then I can put the s

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Matt McCutchen
On Wed, 2011-01-05 at 16:37 -0500, Daniel J Walsh wrote: > [XDG_RUNTIME_DIR] does not exist until after the User has logged in. X > starts before > the user logs in. Also multiple users need to be able to talk to same > xserver. On Wed, 2011-01-05 at 16:47 -0500, Adam Jackson wrote: > atropine:

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Adam Jackson
On Wed, 2011-01-05 at 16:33 -0500, Matt McCutchen wrote: > On Wed, 2011-01-05 at 15:25 -0500, Adam Jackson wrote: > > I don't have any of those. If the X server is running as root (like in > > the gdm case) then I can put the socket wherever I want. If it's Xvfb, > > then where do I put this dire

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Daniel J Walsh
On 01/05/2011 04:33 PM, Matt McCutchen wrote: > On Wed, 2011-01-05 at 15:25 -0500, Adam Jackson wrote: >> On Wed, 2011-01-05 at 13:38 -0500, Matt McCutchen wrote: >>> The >>> more significant DoS condition is another user taking the name you want, >>>

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Matt McCutchen
On Wed, 2011-01-05 at 15:25 -0500, Adam Jackson wrote: > On Wed, 2011-01-05 at 13:38 -0500, Matt McCutchen wrote: > > The > > more significant DoS condition is another user taking the name you want, > > which can happen in the abstract namespace but not in a directory only > > you can write. > > I

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Adam Jackson
On Wed, 2011-01-05 at 13:38 -0500, Matt McCutchen wrote: > On Wed, 2011-01-05 at 11:12 -0500, Adam Jackson wrote: > > The deeper problem is that clients authenticate themselves to the > > server, but then simply trust that the server is the server they were > > hoping for. If you don't have a proc

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Matt McCutchen
On Wed, 2011-01-05 at 11:12 -0500, Adam Jackson wrote: > The deeper problem is that clients authenticate themselves to the > server, but then simply trust that the server is the server they were > hoping for. If you don't have a process tree relationship (like the gdm > +displayfd case) then you h

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Adam Jackson
On Wed, 2011-01-05 at 13:52 +0100, Lennart Poettering wrote: > That's precisely what I want to tell people: don't use the abstract > socket namespace, unless you really know what you do. The only cases > where it really makes sense to use it is if you have a privileged > service that is started be

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Matt McCutchen
On Wed, 2011-01-05 at 16:35 +0100, Lennart Poettering wrote: > On Wed, 05.01.11 09:39, Matt McCutchen (m...@mattmccutchen.net) wrote: > > > > That's precisely what I want to tell people: don't use the abstract > > > socket namespace, unless you really know what you do. The only cases > > > where i

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Lennart Poettering
On Wed, 05.01.11 09:39, Matt McCutchen (m...@mattmccutchen.net) wrote: > > That's precisely what I want to tell people: don't use the abstract > > socket namespace, unless you really know what you do. The only cases > > where it really makes sense to use it is if you have a privileged > > service

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Matt McCutchen
On Wed, 2011-01-05 at 13:52 +0100, Lennart Poettering wrote: > On Tue, 04.01.11 21:31, Matt McCutchen (m...@mattmccutchen.net) wrote: > > > On Tue, 2011-01-04 at 14:11 +0100, Lennart Poettering wrote: > > > Of these being used, dbus is correctly implemented, since it randomizes > > > the socket na

Re: Security issues with abstract namespace sockets

2011-01-05 Thread Lennart Poettering
On Tue, 04.01.11 21:31, Matt McCutchen (m...@mattmccutchen.net) wrote: > On Tue, 2011-01-04 at 14:11 +0100, Lennart Poettering wrote: > > Of these being used, dbus is correctly implemented, since it randomizes > > the socket name. Same for gdm. > > The relevant point is not randomness or unguessa

Security issues with abstract namespace sockets

2011-01-04 Thread Matt McCutchen
On Tue, 2011-01-04 at 14:11 +0100, Lennart Poettering wrote: > Of these being used, dbus is correctly implemented, since it randomizes > the socket name. Same for gdm. The relevant point is not randomness or unguessability, but that dbus chooses an available name and passes the actual name being u