Bruno Haible wrote:
> > It's more secure too -- and it
> > properly fails if your X connection is via a proxy: the current shm
> > method can even cause the X server to connect to the _wrong_ shm segment
> > under some circumstances (multiple hosts, coincidental ids).
>
> This can easily be worked around: The creator of the segments puts a
> random number at the beginning of the segment, sort of a "signature",
> and when he communicates the shmid to other processes, he also tells
> them the signature. The attaching processes then check whether the
> signature they find in the segment is the same as the one they got
> communicated.
Yup, that's what I was thinking.
> This technique is employed in XFree86 4.0.
Great! I didn't think anyone actually bothered because other X shm code
I've seen doesn't do it, i.e. X shm clients.
-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Mar 23 2000 - 21:00:21 EST