I can replicate the bug with creating a root owned /rootfile and ln -s /rootfile ~/.Xauthority. lightdm changes /rootfile then.
Writing ~/.dmrc uses g_file_set_contents() which is safe against symlink attacks. However, it's still more robust to drop privileges instead of chown()ing.
I can replicate the bug with creating a root owned /rootfile and ln -s /rootfile ~/.Xauthority. lightdm changes /rootfile then.
Writing ~/.dmrc uses g_file_ set_contents( ) which is safe against symlink attacks. However, it's still more robust to drop privileges instead of chown()ing.