x11 /tmp preparation rc.d script

Brooks Davis brooks at one-eyed-alien.net
Tue Jan 11 16:38:23 PST 2005


On Sun, Jan 09, 2005 at 05:46:54PM -0800, Eric Anholt wrote:
> Attached are my proposed patches to deal with the X11 ICE issue.  To
> review, it's required because having .ICE not owned by root is a
> security issue, one that's been papered over with a printed warning and
> sleep(5) in libICE for years, and has recently been changed into an
> actual error by the X.Org folks.
> 
> The question is whether to stick it in base or in ports:
> 
> In favor of ports:
>   - Seems like the proper place.  Nothing happens for non-X11 users.
> In favor of base:
>   - Would either need to make a separate port just for the script, or
>     keep the script in at least 3 separate ports, disregarding the
>     cleanup of servers which might make for more ports affected.
>   - From ports, it might get started too late in the boot process, or
>     not at all in some installations.

It turns out that doing it in localpkg isn't a problem so we might want
to go ahead and do it that way.

One thing I've been wondering about is, why isn't startx/xdm doing
this creation?  They have the required privs and are garenteed not to
get in a race (since it would be with them selves).

-- Brooks

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-x11/attachments/20050110/1d9c4246/attachment-0002.bin


More information about the freebsd-x11 mailing list