|
|
Index | Description | Starting Up | Displays | Access Control | Geometry Specification
Window Managers | Fonts | Colors | Keyboards | Options | Resources | Examples | Diagnostics
X-Windows
ACCESS CONTROL
An X server can use several types of access control.
Mechanisms provided in Release 5 are:
-
Host Access Simple host-based access control.
-
MIT-MAGIC-COOKIE-1 Shared plain-text "cookies".
-
XDM-AUTHORIZATION-1 Secure DES based private-keys.
-
SUN-DES-1 Based on Sun's secure rpc system.
Xdm initializes access control for the server,
and also places authorization information in a file accessible to the X
Version 11.
Normally, the list of hosts from which connections are
always accepted should be empty, so that only clients with are explicitly
authorized can connect to the display. When you add entries to the host
list (with xhost), the server no longer performs any authorization
on connections from those machines. Be careful with this. The file from
which Xlib extracts authorization data can be specified with
the environment variable XAUTHORITY, and defaults to the file .Xauthority
in the home directory.
Xdm uses $HOME/.Xauthority and will
create it or merge in authorization records if it already exists when a
user logs in. If you use several machines, and share a common home direc-
tory across all of the machines by means of a network file system, then
you never really have to worry about authoriza- tion files, the system
should work correctly by default. Otherwise, as the authorization files
are machine-independent, you can simply copy the files to share them.
To manage authorization files, use xauth.
This program allows you to extract records and insert them into other files.
Using this, you can send authorization to remote machines when you login,
if the remote machine does not share a common home directory with your
local machine. Note that authorization information transmitted ``in the
clear'' through a network file system or using ftp or rcp
can be ``stolen'' by a network eavesdropper, and as such may enable unauthorized
access. In many environments this level of security is not a concern, but
if it is, you need to know the exact semantics of the particular authorization
data to know if this is actually a problem. For more information on access
control, see the Xsecurity manual page.
|
|
|
 |
|
|
|
Protect yourself from cyberstalkers, identity thieves, and those who would snoop on you.
| |
Stop spam from invading your inbox without losing the mail you want. We give you more control over your e-mail than any other service.
| |
Block popups, ads, and malicious scripts while you surf the net through our anonymous proxies.
| |
Participate in Usenet, host your web files, easily send anonymous messages, and more, much more.
| |
All private, all encrypted, all secure, all in an easy to use service, and all for only $5.95 a month!
|
|
Service Details
|
|
|
|
