On 10/30/18 08:30 PM, Veek M wrote:
You can setup Xorg to listen only on a UNIX DOMAIN socket:
*Xorg -nolisten tcp -nolisten inet -nolisten inet6 -listen unix
-nolisten local :0 -seat seat0 vt7 -novtswitch&*
The Xorg process must receive a COOKIE on this /tmp/X11/X0 and
@/tmp/X11/X0 device, that matches its cookie - it then creates an
internal CONTEXT that is associated with the cookie-senders IP:PORT IF
this were a socket (TCP etc) since we've disabled TCP, the pipe is
used but how does Xorg validate connections on that one pipe? Does it
use/generate a different token (similar to what FTP does - one port to
negotiate and another for xfer) or is the cookie passed in for every
API call the Xlib/Client makes AFTER XOpenWIndow()?
Just like a TCP socket, every time an application connects to a
Unix domain socket or named pipe, it causes a new file descriptor
to be created in the X server. In the connection setup on that
file descriptor the client would send the cookie if required, and
the X server then marks that file descriptor as authenticated.
--
-Alan Coopersmith- alan.coopersm...@oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/alanc
_______________________________________________
xorg@lists.x.org: X.Org support
Archives: http://lists.freedesktop.org/archives/xorg
Info: https://lists.x.org/mailman/listinfo/xorg
Your subscription address: %(user_address)s
