Date: Mon, 10 Apr 95 11:28:15 MDT
From: terry@cs.weber.edu (Terry Lambert)
To: joerg_wunsch@uriah.heep.sax.de
Cc: freebsd-current@FreeBSD.org
Subject: Re: should su retain ${DISPLAY}
Message-ID: <9504101728.AA24173@cs.weber.edu>
In-Reply-To: <199504090719.JAA05076@uriah.heep.sax.de> from "J Wunsch" at Apr 9, 95 09:19:32 am
next in thread | previous in thread | raw e-mail | index | archive | help
[ ... what su should do ... ] > > It is therefore arguable that not preserving DISPLAY in these cases > > is, in fact, the right thing to do. > > Yes and no. (That's why i've been asking it to -hackers.) It does > already preserve TERM. So it's also arguable that DISPLAY is in the > same boat as TERM in a windowing environment and should be retained. The TERM variable designates an output device. The DISPLAY variable designates a resource. The distinction is vague unless you are using xauth or some other display access control mechanism which would allow the user access but not allow root access, even if the root credentials instance derived from an su by an authenticated non-root host/credential set. Becoming root in such a case results in losing access to the resource, unless you are prepared to hack .Xauthority, etc. in the su program. Terry Lambert terry@cs.weber.edu --- Any opinions in this posting are my own and not those of my present or previous employers.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9504101728.AA24173>