On Sun, 15 Oct 2000, BobTFish wrote:
> At 14:30 15/10/00, Telsa Gwynne wrote:
>
> >I think I was unclear. You get the graphical application fine. But
> >you have to invoke it from the command line. You can't use the GNOME
> >panel and launchers, because they are still owned by guest and will
> >run as guest. So you have to know what the program is called in order
> >to be able to start it. And GNOME menus have long names which are
> >intended to give you an idea of what the thing does, and do not
> >have the command name itself on them. That's what I meant by "do
> >them at the command line": _starting_ the app. It comes up as the
> >graphical thing.
>
> <snip>
>
> Ouch, that is probably a bad thing(Tm).. I assume this means you can su to
> any local user and start xterms on your desktop?
>
> /me shudders at the thought..
This doesn't mean that something like 'xhost +local:' or even 'xhost +'
must be in place. For instance in Red Hat Linux, this is done with some
PAM trickery so that the MIT auth cookie is installed in the .xauth file
of the user you su to. After you finish su, it will be removed.
If you don't want that behaviour, just comment out this line in
/etc/pam.d/su:
session optional /lib/security/pam_xauth.so
Nils
--
Nils Philippsen / Berliner Straße 39 / D-71229 Leonberg // +49.7152.209647
[EMAIL PROTECTED] / [EMAIL PROTECTED] / [EMAIL PROTECTED]
The use of COBOL cripples the mind; its teaching should, therefore, be
regarded as a criminal offence. -- Edsger W. Dijkstra
_______________________________________________
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
