Date: Tue, 11 Jan 2005 01:29:20 +0100 From: Dejan Lesjak <dejan.lesjak@ijs.si> To: freebsd-x11@freebsd.org Cc: x11@freebsd.org Subject: Re: x11 /tmp preparation rc.d script Message-ID: <200501110129.21281.dejan.lesjak@ijs.si> In-Reply-To: <20050110195340.GC15907@odin.ac.hmc.edu> References: <1105321614.8452.54.camel@leguin> <20050110195340.GC15907@odin.ac.hmc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 10 of January 2005 20:53, Brooks Davis wrote: > On Sun, Jan 09, 2005 at 05:46:54PM -0800, Eric Anholt wrote: > > Attached are my proposed patches to deal with the X11 ICE issue. To > > review, it's required because having .ICE not owned by root is a > > security issue, one that's been papered over with a printed warning and > > sleep(5) in libICE for years, and has recently been changed into an > > actual error by the X.Org folks. > > > > The question is whether to stick it in base or in ports: > > > > In favor of ports: > > - Seems like the proper place. Nothing happens for non-X11 users. > > In favor of base: > > - Would either need to make a separate port just for the script, or > > keep the script in at least 3 separate ports, disregarding the > > cleanup of servers which might make for more ports affected. > > - From ports, it might get started too late in the boot process, or > > not at all in some installations. > > It turns out that doing it in localpkg isn't a problem so we might want > to go ahead and do it that way. > > One thing I've been wondering about is, why isn't startx/xdm doing > this creation? They have the required privs and are garenteed not to > get in a race (since it would be with them selves). > > -- Brooks Because clients need ICE, not the server - if you run an X app on a remote box that doesn't have X server running and connects to X server on local box, the ICE directory that is used is on remote machine - where the client is. So startx/xdm creating it wouldn't help. Dejan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501110129.21281.dejan.lesjak>