Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at
Bug 65 - Missing /etc/X11/xdm/authdir - was 'ill inital xhost values'
Summary: Missing /etc/X11/xdm/authdir - was 'ill inital xhost values'
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: XFree86
Version: 5.2
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: David Lawrence
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 1998-11-14 05:47 UTC by nils
Modified: 2008-05-01 15:37 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 1998-11-16 13:48:07 UTC

Attachments (Terms of Use)

Description nils 1998-11-14 05:47:23 UTC
[Sorry to come with this again]

The now closed (DISCARDED) bug #8 happened on our systems
even within xdm. I digged a little bit and found out that
/etc/X11/xdm/authdir is missing. xdm tries to put its auth
files in /usr/X11R6/lib/X11/xdm/authdir which due to
symlinks resolves to /etc/X11/xdm/authdir. Someone should
include /etc/X11/xdm/authdir in the XFree86 package,
otherwise xdm will fall back to xhost authorization. Now we
have the -- still -- ill xhost values when starting without
xauth. The inital values should (at max) be 'LOCAL:' --
no '' and 'localhost'. And the xhost
values (maybe except the LOCAL:) should be resettable by the
user, or am I talking nonsens here?

I think the lack of /etc/X11/xdm/authdir is due to us not
going through the 'official' redhat update procedure but
just installing the new rpms on the machines in our pool.
Maybe one should advise people to check for this directory
on their machines, because the lack of it causes IMO a
not negligible security breach. Don't forget to include
/etc/X11/xdm/authdir in the next release of XFree.

Best wishes,

Comment 1 Preston Brown 1998-11-16 13:48:59 UTC
You are correct that /etc/X11/xdm/authdir is not owned by any
package.   However, further investigation shows that xdm actually
creates the authdir if it is not present when it is first run.
Therefore there is no need for it to be owned by the package.

When logging in with xdm, on a 5.2 system, this is the default value
that I get for xhost:

[pbrown@pip xdm]$ xhost
access control enabled, only authorized clients can connect

which is what I would expect.  Users other than myself cannot start X
programs.  For example, here is what happens if I try to start xclock
as root (instead of myself, pbrown):

[root@pip xdm]# xclock
Xlib: connection to ":0.0" refused by server
Xlib: Client is not authorized to connect to Server
Error: Can't open display: :0.0

If you get other values from xhost while you are using xdm, you have
changed something in your configuration from the default settings.

Note You need to log in before you can comment on or make changes to this bug.