Bug 12577 - /etc/X0.hosts ignored - siAddrMatch siCheckAddr broken
Summary: /etc/X0.hosts ignored - siAddrMatch siCheckAddr broken
Status: RESOLVED WORKSFORME
Alias: None
Product: xorg
Classification: Unclassified
Component: Server/General (show other bugs)
Version: git
Hardware: Other All
: medium major
Assignee: Xorg Project Team
QA Contact: Xorg Project Team
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2007-09-26 11:25 UTC by Sami Farin
Modified: 2007-09-26 15:55 UTC (History)
1 user (show)

See Also:
i915 platform:
i915 features:


Attachments

Description Sami Farin 2007-09-26 11:25:25 UTC
$ cat /etc/X0.hosts
si:localgroup:xuser

$ id ; xvinfo|head -n 1
uid=527(rpmbuild) gid=528(rpmbuild) groups=37(rpm),528(rpmbuild) context=user_u:system_r:unconfined_t
X-Video Extension version 2.2

This happens because your non-tested code does not work as intended.
Even if it worked, EnableLocalHost enables every uid and gid if xauth is not used.

siAddrMatch does not work because it does not do strchr for char ':'.
siCheckAddr is called without before doing strchr ':', too.

I have a cruel patch at
https://bugzilla.redhat.com/show_bug.cgi?id=254961
Comment 1 Alan Coopersmith 2007-09-26 12:18:23 UTC
You mean the code doesn't work as *YOU* intended.   I did test it when I wrote
it and it works as I intended, for the case where you xhost
+si:localuser:username, since xhost strips off the si: prefix.   
I don't remember if the /etc/X*.hosts case was ever thought of, and for that 
I apologize since I seem to have so deeply offended you that you've lost all 
sense of politeness.
Comment 2 Sami Farin 2007-09-26 12:28:12 UTC
$ xhost
access control enabled, only authorized clients can connect
SI:localgroup:xuser

$ id ; xvinfo|head -n 1
uid=527(rpmbuild) gid=528(rpmbuild) groups=37(rpm),528(rpmbuild) context=user_u:system_r:unconfined_t
X-Video Extension version 2.2

What was SI:localgroup:xuser supposed to do, then?
I tried to apply common sense, and presumed only xuser group is allowed access.

Anyways, if it now works as intended, what's the use for it, sine
everybody is allowed access in any case?
Comment 3 Daniel Stone 2007-09-26 15:30:47 UTC
The point is that if you're rude to people, no-one will want to talk to you at all, let alone spend their free time helping you.  Think about it: if you were at someone's house and he was making you some food, would you be that rude? I hope not, but from the looks of this bug report, the answer is yes.
Comment 4 Sami Farin 2007-09-26 15:45:45 UTC
I am very sorry that I wasted my time by trying to tell about this bug
and I am sorry I made one guy depressed by telling feedback about his code.

To prevent further waste of time, I just stop reporting bugs at freedesktop.org.

Sayonara!

(worksforme... get it?  works for both of us as intended.  for me with my patch, you without.)
Comment 5 Alan Coopersmith 2007-09-26 15:52:15 UTC
It wasn't intended to change the previous behavior of allowing everyone on localhost if no -auth is present, just to allow augmenting xauth easily.
I didn't think anyone had run without -auth in the last decade.
Comment 6 Daniel Stone 2007-09-26 15:55:06 UTC
(In reply to comment #4)
> To prevent further waste of time, I just stop reporting bugs at
> freedesktop.org.

Kiitti.


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.