Hello Simon, On Tue, Aug 07, 2018 at 08:20:23PM +0100, Simon McVittie wrote: > On Mon, 06 Aug 2018 at 17:31:35 +0200, Helge Kreutzmann wrote: > > this change (requiring a DISPLAY=:0) is really suprising. I'v used su > > for ages and a simple xhost + (yes, I know that this has security > > implications) was sufficient. > > "xhost +" grants access to your display to *literally any user*, > including special-purpose system users like "nobody" and the users > that run network servers. Please avoid this pattern! If you need to > grant unlimited access to your display to another user, at least use > "xhost +si:localuser:$THEIR_USERNAME". (Or, again, consider using a > separate X display, or Xpra, or similar.)
I'm aware, but thanks for the pointer anyhow.
> > Plese document this in a public place, the best would be the man page
> > as that is where users are looking for (a NEWS entry would only catch
> > administrators once).
> >
> > I suggest putting it under NOTES. If you like, I can draft up a patch.
>
> Andreas already asked for a merge request, so it seems that proposing a
> patch would indeed be welcome.
I'll do, incorporating your excellent explaination. I'll do so until
the end of the week (latest).
Greetings
Helge
--
Dr. Helge Kreutzmann deb...@helgefjell.de
Dipl.-Phys. http://www.helgefjell.de/debian.php
64bit GNU powered gpg signed mail preferred
Help keep free software "libre": http://www.ffii.de/
signature.asc
Description: Digital signature
