From owner-freebsd-questions@FreeBSD.ORG Wed Feb 2 23:51:56 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 610F416A4CE for ; Wed, 2 Feb 2005 23:51:56 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.192]) by mx1.FreeBSD.org (Postfix) with ESMTP id C104C43D41 for ; Wed, 2 Feb 2005 23:51:55 +0000 (GMT) (envelope-from gert.cuykens@gmail.com) Received: by rproxy.gmail.com with SMTP id f1so134965rne for ; Wed, 02 Feb 2005 15:51:55 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=RgBV7KebsjXDWtwO1ZNqtcpILOZk2p5A6t710etUrUbeIuLk8dngy1hy9hdOPgwJoKJjS9efmiDR9MHkdjfuYWJ3qaRQi274+8yoGuFZxZ9UghBjguGO3tKV7y8qSfVBgImgZkVytUuNvacdIIsZbxBUeDs9sebeVsqZoVkJbGY= Received: by 10.38.152.55 with SMTP id z55mr108190rnd; Wed, 02 Feb 2005 15:51:54 -0800 (PST) Received: by 10.38.74.23 with HTTP; Wed, 2 Feb 2005 15:51:54 -0800 (PST) Message-ID: Date: Thu, 3 Feb 2005 00:51:54 +0100 From: Gert Cuykens To: Henry Miller , freebsd-questions@freebsd.org In-Reply-To: <200502021724320778.4D494921@mail.intradyn.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <20050202210526.GC77499@keyslapper.net> <42014E0A.5070003@mac.com> <20050202221851.GE77499@keyslapper.net> <20050202224322.GF77499@keyslapper.net> <200502021724320778.4D494921@mail.intradyn.com> Subject: Re: xhost +localhost X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Gert Cuykens List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 02 Feb 2005 23:51:56 -0000 On Wed, 02 Feb 2005 17:24:32 -0600, Henry Miller wrote: > > > On 2/3/2005 at 00:05 Gert Cuykens wrote: > > >On Wed, 2 Feb 2005 17:43:23 -0500, Louis LeBlanc > > >wrote: > >> On 02/02/05 11:36 PM, Gert Cuykens sat at the `puter and typed: > >> > I# xhost local: > >> > non-network local connections being added to access control list > >> > I# > >> > > >> > ok that seems to work a bit better meaning i dont get the message > "can > >> > not start screen saver deamon bl bla bla....." Instead i get a > message > >> > in my log that locking is not enabled ? > >> > >> Doesn't ring any bells. What log, and what is the entry? > >> > >> Are you still having trouble with xscreensaver? > >> > > > >My xscreensaver is telling me "running in root not allowed" my root > >needs a pretty screensaver too you know grrrr > > > >So how do i enable a root screen saver ? > > You don't. Root should never have a pretty screensaver. Screen > savers are only needed when a CRT will be on (Wasting 100 watts while > nobody is looking, it adds up to about $.10/day), for long periods of > time at a screen that is otherwise unchanging over several years. The > only burn in I've ever seen is a log in screen, normal users change > enough on their display that burn-in isn't a problem. > > Root should NEVER log in except when the system is single user, or > fresh install. In both cases that is command line only. If you must > use some graphical config tool, su from some other user. As a last > resort you could log in as root, but even then you should do the job > and than log off fast, before you make a mistake! > > Programs like xscreensaver are doing FreeBSD a favor by preventing > people from running as Administrator. A significant number of > problems people have with Ms Windows is because users run as > administrator by default. When programs like xscreensaver detect that > you are root and refuse to run it makes it that much less likely that > you will make a mistake while running as root. Mistakes when you are > a normal user are bad enough, mistakes as root are worse. > > xscreensaver is also saving themselves in another way, if there is a > unexpected bug that is exploitable, by refusing to run as root they can > at least ensure that your whole system isn't compromised. This is > particularly a big deal for xscreensaver where you can expect nobody > will be around to watch evil people from attempting to break your > system. > > If all that isn't enough to convince you otherwise: the source is > there. Modify it yourself. > And still i think the user should be able to make that desision and not xscreensaver, it is against the constitution namely freedome of screensaver :P