Comment 6 for bug 235956

Revision history for this message
Oliver Grawert (ogra) wrote :

there is and has to be no -ac option anywhere in the code anymore, to restate that again, -ac was removed upstream it is neither in debian code (at least it shouldnt be, else that would be a security bug agaist debian you should file) nor in fedora code nor in our code anymore.
your problem lies elsewhere ...

the fix we worked out upstream is supposed to take the xauth cookie created by ldm and *add it to your session* authority file *during login*. if that doesnt work for you, lets find out why, but please stop re-stating that we need to add -ac, since we will neither do that upstream nor in ubuntu.
the fix is used in debian sid as well as fedora 9 and ubuntu hardy with success.

if there is anything gone missing in gutsy due to the patch, lets inspect and fix it the proper way, just reverting to the big security hole wont help anyone.

feel free to inspect revision 837 of the ldm upstream source (http://bazaar.launchpad.net/~ltsp-upstream/ltsp/ldm-trunk) and propose a better fix, but we wont re-add -ac ...

btw, if you remove LDM_DIRECTX, xauth isnt used at all since all X transport is done through ssh and its X proxy mechanism, xauth is not involved in this.