Re: dtlogin and secure access control

From: Reg Quinton (reggers@ist.uwaterloo.ca)
Date: 07/11/02 

From: "Reg Quinton" <reggers@ist.uwaterloo.ca>
To: "Small, Jim" <jim.small@eds.com>, <focus-sun@securityfocus.com>
Date: Thu, 11 Jul 2002 09:54:37 -0400

> Using the CDE environment (i.e. dtlogin), is it possible to use a secure
> access control method (e.g. XDM-AUTHORIZATION-1, SUN-DES-1, or
> MIT-KERBEROS-5)?

Jim, a couple of thots:

1.) your strings/grep isn't including the shared libraries which may have
what you want.
2.) dtlogin, by default, sets up the magic cookie and I'm very sure that
vendor apps handle that fine.
3.) you might look at locking the dtlogin service down to the console only:

[9:51am wally] grep Dtlogin.requestPort /usr/dt/config/Xconfig
  Dtlogin.requestPort: 0

For desktops there's no need to present the dtlogin/xdm service to anyone
other than the console.

Relevant Pages

  • Need to Set dtlogin on Middle Framebuffer
    ... 21" Hitachi monitors. ... I would like to set the middle display as the ... console and dtlogin. ... I figured out how to set the default console by setting up the ...
    (comp.unix.solaris)
  • Re: dtlogin
    ... You want to disable dtlogin *on the console*? ... >for nis users.... ... Or did I misunderstand the question and is what you really want disabling ...
    (Focus-SUN)
  • Re: X/CDE on Alphaserver 800
    ... Nevertheless dtlogin is running looking at the aoutput of ps. ... >>Which kind of settings are nessecary to run X on the graphics console. ...
    (comp.sys.dec)
  • Re: Need to Set dtlogin on Middle Framebuffer
    ... > 21" Hitachi monitors. ... I would like to set the middle display as the ... > console and dtlogin. ...
    (comp.unix.solaris)
  • Make dtlogin go away
    ... I've disabled dtlogin. ... run X from a logged in console and its sort of working, ... is there a way to start X from a logged in console ... that includes the dtlogin resources and the user's environment from ...
    (comp.unix.solaris)