[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Session Management Proposal



On Sat, Jan 03, 2004 at 06:58:33PM +0100, Oswald Buddenhagen wrote:
> >   1) get rid of the authentication bullshit, start one main socket say:
> >       /tmp/.dm-sockets/main for the unauthenticated stuff and then
> >       per-display sockets like /tmp/.dm-sockets/:0 for the stuff that
> >       requires authentication (console authentication currently).  That
> >       way this can be done with unix permissions rather then the cookie
> >       juggling.
> >
> as much as i'd like to agree with this ... i read in some man page, that
> some systems simply ignore file permissions on socket nodes. depending
> on which systems are affected, we or those systems are screwed ...

Maybe that's why I did it this way originally, I can't remember :)  OK, must
do authentication using cookies then.  Oh well.  Could we add to the spec
that authors of such systems should be ritualistically tortured and pictures
posted on slashdot?

> >   2) There should be a way to query available 'commands' so that a client
> >      can see what the DM can and can't do, and this will allow gdm and kdm
> >      specific commands.  Or dm-specific extended commands.
> > 
> yeah, just like imap does, i think: the initial greeting identifies the
> manager incl. (protocol) version and lists supported capabilities. an
> explicit capability command would be possible as well, but i'm not sure
> we need that.

Yeah, that's good as well.  And it really makes more sense since you should
always I suppose check the capabilities anyway.  Currently in GDM you use only the
version number of GDM itself since it's not a 'standard' protocol.

George

-- 
George <jirka 5z com>
   History teaches us that men and nations behave wisely
   once they have exhausted all other alternatives.
                       -- Abba Eban, 1970


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]