This is the mail archive of the cygwin-xfree@cygwin.com mailing list for the Cygwin XFree86 project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Non-admin users, /tmp/.X11-unix/X0 permissions

From: Alexander Gottwald <alexander dot gottwald at s1999 dot tu-chemnitz dot de>
To: cygwin-xfree at cygwin dot com
Date: Mon, 11 Apr 2005 15:33:47 +0200 (MEST)
Subject: Re: Non-admin users, /tmp/.X11-unix/X0 permissions
References: <Pine.LNX.4.61.0504111316440.30745@ppepc56.ph.gla.ac.uk>
Reply-to: cygwin-xfree at cygwin dot com

On Mon, 11 Apr 2005, Alan J. Flavell wrote:

> whose Subject is "using cygwin/x as non-administrator doesn't work" 
> (which is not exactly the problem that we are getting, since the 
> *first* non-administrator has no problems starting Cygwin/X as many 
> times as they want to - the problem is with the second - and 
> subsequent - users).
> 
> The response in the archive is a bit vague:
> 
> | You can allow other users to write to /tmp/.X11-unix, or have a /tmp 
> | directory for every user where the user can create files at will.
> 
> The first part of that would "solve" a problem that we haven't got: 
> the issue is *not* that ordinary users can't write to the *directory*, 
> -but- that, by virtue of the "t" bit, they can't interfere with files 
> left there by someone else.  Hence this standoff with X0.
> 
> The second part of the suggestion presumably involves symlinking /tmp 
> to something which has the user name in it, so that /tmp is a 
> different actual path for each user?

You could assign each user a different /tmp path via mount

mount -buf 'd:\temp\$USER' /tmp

This way the files don't interfere

>  _XSERVTransmkdir: Owner of /tmp/.X11-unix should be set to root
> 
> is a red-herring and should be ignored.  And furthermore, that 
> the subsequent lines
> 
>  _XSERVTransSocketUNIXCreateListener: ...SocketCreateListener() failed
>  _XSERVTransMakeAllCOTSServerListeners: server already running
> 
> represents an incorrect deduction based on the preceding error - the 
> server is *not* already running.  

On unix the xserver is installed as setuid root and can handle those permission 
problems by overruling the permissions with its root permissions. On cygwin this
is not possible. 

Does it help if the t flag is cleared? Then we could create the directory without
the flag instead. I don't care for filesystem security on windows anyway. 

bye
	ago
-- 
 Alexander.Gottwald@s1999.tu-chemnitz.de 
 http://www.gotti.org           ICQ: 126018723

References:
- Non-admin users, /tmp/.X11-unix/X0 permissions
  - From: Alan J. Flavell

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]