[prev in list] [next in list] [prev in thread] [next in thread] 

List:       fwtk-users
Subject:    x-gw per-user configuration (undocumented?)
From:       Chris Wakelin <c.d.wakelin () reading ! ac ! uk>
Date:       1999-11-19 12:55:12
[Download RAW message or body]

[To be removed from this list send the message "unsubscribe fwtk-users" in the
BODY of a mail message to majordomo@ex.tis.com.]

Has anybody used the "user" option in the x-gw? :

x-gw:          user someone -display 101

This seems to be undocumented, but makes user "someone" always get display 
number 101. It is based on the "-user" option given to x-gw by the tn-gw, which 
gives the authenticated username (*if* the user was authenticated, which ours 
generally aren't for the x-gw).

There seems also to be a "-permit" option to automatically allow or 
disallow connections to the proxied X server without asking the user:

x-gw:          user someone -display 101 -permit trusted.somewhere.com

The latter is probably risky as you have no guarantee that the connection from 
trusted.somewhere.com is from the correct user.

I discovered this while poking through the x-gw source code. I've made a 
similar provision for per-host configuration by copying the per-user code and 
making a couple of minor modifications to it; I'm not really a 'C' programmer, 
but I can imitate ;-) . The result is something like

x-gw:           from machine.mydomain.com -display 101

This is based on the "from" parameter passed to x-gw by tn-gw, which gives the 
name of machine which connected to tn-gw (as opposed to the display host, 
which may be different) ** as understood by tn-gw ** (ours gives the 
fully-qualified domain name, but others may just give the hostname).

If people are intersted, ask me and I'll send you the diffs.

Best Wishes,
Chris

--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+--
Christopher Wakelin,                                c.d.wakelin@reading.ac.uk
IT Services Centre, The University of Reading,       Tel: +44 (0)118 931 6630
Whiteknights, Reading, RG6 2AF, UK                   Fax: +44 (0)118 975 3094

[prev in list] [next in list] [prev in thread] [next in thread]