x11 /tmp preparation rc.d script
Dejan Lesjak
dejan.lesjak at ijs.si
Mon Jan 10 16:30:10 PST 2005
On Monday 10 of January 2005 20:53, Brooks Davis wrote:
> On Sun, Jan 09, 2005 at 05:46:54PM -0800, Eric Anholt wrote:
> > Attached are my proposed patches to deal with the X11 ICE issue. To
> > review, it's required because having .ICE not owned by root is a
> > security issue, one that's been papered over with a printed warning and
> > sleep(5) in libICE for years, and has recently been changed into an
> > actual error by the X.Org folks.
> >
> > The question is whether to stick it in base or in ports:
> >
> > In favor of ports:
> > - Seems like the proper place. Nothing happens for non-X11 users.
> > In favor of base:
> > - Would either need to make a separate port just for the script, or
> > keep the script in at least 3 separate ports, disregarding the
> > cleanup of servers which might make for more ports affected.
> > - From ports, it might get started too late in the boot process, or
> > not at all in some installations.
>
> It turns out that doing it in localpkg isn't a problem so we might want
> to go ahead and do it that way.
>
> One thing I've been wondering about is, why isn't startx/xdm doing
> this creation? They have the required privs and are garenteed not to
> get in a race (since it would be with them selves).
>
> -- Brooks
Because clients need ICE, not the server - if you run an X app on a remote box
that doesn't have X server running and connects to X server on local box, the
ICE directory that is used is on remote machine - where the client is. So
startx/xdm creating it wouldn't help.
Dejan
More information about the freebsd-x11
mailing list