Date: Sat, 8 Apr 1995 22:11:22 +0200 (MET DST)
From: J Wunsch <j@uriah.heep.sax.de>
To: freebsd-current@FreeBSD.org (FreeBSD-current users)
Subject: Re: should su retain ${DISPLAY}
Message-ID: <199504082011.WAA00489@uriah.heep.sax.de>
In-Reply-To: <199504081736.TAA10286@gilberto.physik.rwth-aachen.de> from "Christoph Kukulies" at Apr 8, 95 07:36:36 pm
next in thread | previous in thread | raw e-mail | index | archive | help
As Christoph Kukulies wrote:
>
> >
> > What do people think about an extension to the su(1) command that
> > retains the ${DISPLAY} variable even across an ``su -''?
>
> Excuse my ignorance: What does su - do? I don't see it documented. It looks
> like it executes roots dotfiles. I also see $DISPLAY preserved during a
> normal 'su'.
It does not preserve the normal environment, instead it operates
(almost) like a login on the target UID.
> When you su to root from a normal user you can't connect to the server (0:0)
> anyway (unless you have enabled access before - xhost +).
Only if you are using the MIT_MAGIC_COOKIE authentication. Most of
our users certainly don't, since they work in a more-or-less trusted
environment where host-based authorization is sufficient.
--
cheers, J"org
joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/
Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199504082011.WAA00489>