On 12/12/2000 at 14:40 -0800, Erik Steffl wrote: > that's the problem. the default is secure but the most typical (my > assessment) setup cannot be made secure as you have to let anybody run > X. what's the use of security measure that has to be disabled in most > cases? > > so while I agree with you first sentence and your second sentence I > certainly do not think it's nice. > > it may be possible to set it up somehow that only root & xdm or > console user & xdm can start X but since I cannot find any docs on > this... I'll try to search the /usr/doc when I get home... maybe there's > some readme/faq there. > OK... You have your point there...
But it's just a simple control. RootOnly/Console/Anybody. There. If you want to control who may use X on a user basis, create a new group, add users to that group, and chmod X to be executable only by that group... But, for example, on my machine I don't mind if my users run X. But I don't want that those who connect with ssh to start X. So, I use allowed_users=console. Done. You don't have to rely simply on Xwrapper.config to control who uses X. Regards, sena... -- [EMAIL PROTECTED], http://decoy.ath.cx/~sena/ gpg fingerprint: F20B 12A8 A8F6 FD1F 9B1D BA62 C424 8E73 DD2E 47C8
