Heads up for login managers

Alan Cox alan at redhat.com
Mon Feb 12 19:46:41 UTC 2007

Previous message (by thread): Heads up for login managers
Next message (by thread): Heads up for login managers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Feb 12, 2007 at 02:18:41PM -0500, David Zeuthen wrote:
> The checks against XDG_SESSION_COOKIE is only used to limit access,

They are not limiting access. The "session cookie" is free for anything
with the same uid to access and use. Its nerf security.

Alan

Previous message (by thread): Heads up for login managers
Next message (by thread): Heads up for login managers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Fedora-maintainers mailing list