Date: Fri, 01 Sep 2017 21:05:35 +0000 From: bugzilla-noreply@freebsd.org To: x11@FreeBSD.org Subject: [Bug 221984] x11-servers/xorg-server: enable SECURITY extension Message-ID: <bug-221984-7141@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221984 Bug ID: 221984 Summary: x11-servers/xorg-server: enable SECURITY extension Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: x11@FreeBSD.org Reporter: citrin+pr@citrin.ru Assignee: x11@FreeBSD.org Flags: maintainer-feedback?(x11@FreeBSD.org) Created attachment 185979 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=185979&action=edit enable SECURITY X server extension Attached patch enables SECURITY extension for X server. This will allow 'ssh -X' to work. Currently ssh -X fails, because 'xauth generate' can't grab auth data from running X server. This extension is enabled in xorg package for many (may be most) Linux distros. As I know it was disabled by default in xorg when XACE was added. But XACE is not fully replaces SECURITY extension: "In Red Hat Enterprise Linux 6, the X Security extension (XC-SECURITY) has been disabled and replaced by X Access Control Extension (XACE). However, XACE does not yet include functionality that was previously available in XC-SECURITY. With this update, XC-SECURITY is enabled in the xorg-x11-server spec file on Red Hat Enterprise Linux 6." [1] 1. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/xorg-x11-server.html I've not tested this change with slave ports, so in my patch I've added this option only for ${SLAVE_PORT} == "no". -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-221984-7141>