Christian Kastner wrote: > Background: sudoers(5) says > > # Run X applications through sudo; HOME is used to find the > # .Xauthority file. Note that other programs use HOME to find > # configuration files and this may lead to privilege escalation! > Defaults env_keep += "DISPLAY HOME" > > This works for root because root can access the original > $HOME/.Xauthority. non-root users, however, cannot.
Also remember the XAUTHORITY variable and that session managers such as GNOME override the setting of it. AFAICS the XAUTHORITY variable overrides the use of HOME to locate that file. $ printenv XAUTHORITY /home/rwp/.Xauthority But it might be set /tmp/something or /var/run/something too depending upon the session manager. And that it must be possible to read that file by the other user. For example if it is stored over NFS then root by default won't have permission there. Bob -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
