On Mon, 19.04.10 19:23, Jan Braun (janbr...@gmx.de) wrote:
1;2400;0c> Lennart Poettering schrob:
> > > ...and you're explicitly disallowing cross-user shm transfer. :(
> > > I guess I'll have to figure out the security implications of messing
> > > with that.
> >
> > Well, the story goes like thi
On 19 Apr 2010, Lennart Poettering outgrape:
> On Fri, 16.04.10 21:02, Jan Braun (janbr...@gmx.de) wrote:
>> xterms ssh'd to otheru...@localhost .
>
> Why would you ssh to the local machine?
'cos it forwards your X cookie and authentication agent connection for
you. (Of course you can do the X co
Lennart Poettering schrob:
> > ...and you're explicitly disallowing cross-user shm transfer. :(
> > I guess I'll have to figure out the security implications of messing
> > with that.
>
> Well, the story goes like this: we need to make sure that a user A
> cannot trigger a SIGBUS in processes by u
On Mon, 19.04.10 18:09, Jan Braun (janbr...@gmx.de) wrote:
> | /* Only enable SHM if both sides are owned by the same
> | * user. This is a security measure because otherwise data
> | * private to the user might leak. */
> |
> | const pa_creds *creds;
> | if (!(creds = pa_pdispatch_creds(pd)) ||
Lennart Poettering schrob:
> On Sat, 17.04.10 16:42, Jan Braun (janbr...@gmx.de) wrote:
> > Hmm, why not? I've set up PA as you describe (except for the additional
> > auth-group parameter), and PA is creating entries in /dev/shm , even for
> > other users than "albert".
>
> The PA client libs alw
Lennart Poettering schrob:
> On Fri, 16.04.10 21:02, Jan Braun (janbr...@gmx.de) wrote:
> > You see, currently I'm the only person with access to my desktop pc,
> > but I have several user accounts on it[1]. And I use them all.
> > Simultaneously. As in: several consoles open, often more than 1 xse
On Sat, 17.04.10 18:28, Tanu Kaskinen (ta...@iki.fi) wrote:
>
> On Sat, 2010-04-17 at 16:42 +0200, Jan Braun wrote:
> > Hmm, why not? I've set up PA as you describe (except for the additional
> > auth-group parameter), and PA is creating entries in /dev/shm , even for
> > other users than "albert
On Sat, 17.04.10 16:42, Jan Braun (janbr...@gmx.de) wrote:
> > My suggestion is basically the same as your option 3, without the double
> > mixing and tcp overhead (I'm not sure whether using the loopback
> > interface has much more overhead than unix domain sockets, though - you
> > still won't b
On Fri, 16.04.10 21:02, Jan Braun (janbr...@gmx.de) wrote:
> Hi list,
> and sorry for bringing up this topic again, but I'm another user who
> has difficulties with PA's multi-user policy.
>
> You see, currently I'm the only person with access to my desktop pc,
> but I have several user accounts
'Twas brillig, and Tanu Kaskinen at 17/04/10 16:28 did gyre and gimble:
> On Sat, 2010-04-17 at 16:42 +0200, Jan Braun wrote:
>> Hmm, why not? I've set up PA as you describe (except for the additional
>> auth-group parameter), and PA is creating entries in /dev/shm , even for
>> other users than "a
On Sat, 2010-04-17 at 16:42 +0200, Jan Braun wrote:
> Hmm, why not? I've set up PA as you describe (except for the additional
> auth-group parameter), and PA is creating entries in /dev/shm , even for
> other users than "albert".
Oh, maybe shm does work? I assumed that the logic was that only
conn
Tanu Kaskinen schrob:
> On Fri, 2010-04-16 at 21:02 +0200, Jan Braun wrote:
> > *** Now is your chance to say "that's insane, and we don't support it"
>
> I can't say it's insane, otherwise I'd be admitting that I've been
> insane in the past :)
Well, you could say you've seen the error of your w
[I accidentally sent this only to Marti, you're getting it twice, sorry]
Marti Raudsepp schrob:
> Can't you just copy ~/.pulse-cookie to all users' profiles, so
> everyone can access anyone else's PA daemon? It works for me, but I'm
> just using different user accounts within one X session.
Oops,
On Fri, 2010-04-16 at 21:02 +0200, Jan Braun wrote:
> Hi list,
> and sorry for bringing up this topic again, but I'm another user who
> has difficulties with PA's multi-user policy.
>
> You see, currently I'm the only person with access to my desktop pc,
> but I have several user accounts on it[1]
On Fri, Apr 16, 2010 at 10:02 PM, Jan Braun wrote:
> You see, currently I'm the only person with access to my desktop pc,
> but I have several user accounts on it[1]. And I use them all.
> Simultaneously. As in: several consoles open, often more than 1 xserver
> running, xterms ssh'd to otheru...@
Hi list,
and sorry for bringing up this topic again, but I'm another user who
has difficulties with PA's multi-user policy.
You see, currently I'm the only person with access to my desktop pc,
but I have several user accounts on it[1]. And I use them all.
Simultaneously. As in: several consoles op
16 matches
Mail list logo
