Visually authenticating windows (Re: Toshiba Satellite 4090CDT
+ sudo ideas)
Daniel Stone
daniel at fooishbar.org
Mon Feb 21 21:05:04 CST 2005
On Thu, Dec 23, 2004 at 04:19:48PM -0800, Matt Zimmerman wrote:
> On Thu, Dec 23, 2004 at 04:47:28PM -0500, David Mandelberg wrote:
> > The key file should have perms something like root:rootkey 0640.
> >
> > The window manager could change the border if the key is valid for that window
> > id (since the window manager couldn't read the key file, a sgid rootkey helper
> > app or daemon run as group rootkey could be used that takes a key and window id
> > on stdin/named pipe and outputs 0 or 1 on stdout/named pipe for valid or invalid).
>
> A simpler approach would be to have the X server provide trusted
> authentication information, since it can retrieve uid credentials via its
> UNIX socket.
>
> I didn't mean that this is impossible, only that I know of no way to
> implement it using the existing infrastructure. It would be within reason
> for us to add support for such a mechanism to our standard window manager,
> but not to standardize and develop the infrastructure from scratch. This
> seems like the sort of thing that would be good to discuss in the context of
> freedesktop.org or a standards organization.
>
> As you point out, there are some difficult issues to be resolved in order to
> have windows which can be visually authenticated.
Very old now, but I believe 'xhost +SI:localuser:foobar', should sort this.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.ubuntu.com/archives/ubuntu-devel/attachments/20050222/2a298710/attachment.pgp
More information about the ubuntu-devel
mailing list