Dirk Mueller wrote:
> > Who says so? This is the way it has been done since the launcher was
> > introduced.
>
> Well, there is no complete documentation of what we were hacking on the
> last few days, but I can give you a short summary. For more detailed
> stuff Matthias Ettrich and Michael Matz will be able to help.
>
> By default, ksmserver && DCOPserver will no longer listen on a TCP socket
> because of the security problems with that we want to avoid until
> we have a working framework to handle these problems.
>
> So now dcopserver/ksmserver will only listen on a local AF_UNIX socket
> which has the mode setting 0700, which means only the user itself
> will be able to connect to the dcopserver that is running for him.
>
> We can set it to 0777 but then we need authentication (that
> .ICEauthority file in your home directory). Doing that is pretty slow and
> according to Matthias Ettrich the authentication is exploitable, there
> are known security problems in that part of the ICE code.
>
> So right now this means one dcopserver per user. Separate dcopservers
> mean also separate klauncher.

Thanks for the explanation. This will require multiple changes in kdesu,
which assumes one dcop server per uid-host.

> The points that are unanswered:
>
> do we need communication between different userids?

I guess we don't really _need_ it. It would be nice, but, running a
program as a different user could be considered an exceptional situation.
Not everything is guaranteed to work. Things like system notifications,
session management, ... won't work.

> between different machines?

Same here.

> how to solve the problems attached with it?

If there's only an AF_UNIX socket, I fear the problem is unsolvable
without major hacks. Generally, a different uid cannot connect to it.

Another issue that comes to my mind: If there are multiple DCOP servers
per display, there can be multiple DCOP servers per uid.
All socket files in a home directory should encode the display in their
name. Don't know if this is the case currently.

Greetings,
Geert
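
An added example, not part of the original mail and not KDE's code: a Python sketch of the owner-only AF_UNIX listener and the per-display socket naming discussed in this thread, with an audit that flags a socket file another uid could reach. The `example-server_<host>_<display>` naming scheme and all function names are hypothetical, and the two-display scenario is constructed.

```python
import os
import socket
import stat
import tempfile

def socket_path(directory, host, display):
    """Hypothetical naming scheme: one socket file per host and display."""
    safe = display.replace(":", "_").replace("/", "_")
    return os.path.join(directory, "example-server_%s_%s" % (host, safe))

def listen_owner_only(path):
    """Bind an AF_UNIX stream socket whose file is created with mode 0700."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old = os.umask(0o077)  # the file is never wider than 0700, even briefly
    try:
        srv.bind(path)
    finally:
        os.umask(old)
    srv.listen(1)
    return srv

def audit(path):
    """List the reasons another uid might be able to reach this socket."""
    st = os.lstat(path)
    problems = []
    if not stat.S_ISSOCK(st.st_mode):
        problems.append("not a socket")
    if st.st_uid != os.geteuid():
        problems.append("owned by another uid")
    if st.st_mode & 0o077:
        problems.append("group/other access: %o" % stat.S_IMODE(st.st_mode))
    return problems

def demo():
    """Constructed scenario: two displays for one uid, one socket widened."""
    with tempfile.TemporaryDirectory() as d:  # created with mode 0700
        a, b = (socket_path(d, "host", disp) for disp in (":0", ":1"))
        sa, sb = listen_owner_only(a), listen_owner_only(b)
        try:
            os.chmod(b, 0o777)  # the wider setting mentioned in the mail
            with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as c:
                c.connect(a)  # the owning uid can still connect
            return a != b, audit(a), audit(b)
        finally:
            sa.close()
            sb.close()

if __name__ == "__main__":
    print(demo())
```

Linux enforces the permission bits on the socket file at connect time, but some older systems ignore them, so keeping the socket inside a directory that is itself mode 0700 is the portable control.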