View previous topic :: View next topic |
Author |
Message |
gorg86 Apprentice
Joined: 20 May 2011 Posts: 299
|
Posted: Tue Oct 24, 2017 9:08 am Post subject: [SOLVED] .xauth* and .serverauth* being created "random |
|
|
Hello folks,
I just noticed a strange behaviour on my machine when I was monitoring my disk usage with iotop (LXDE was running at that time):
In my root folder are files being created/changed named .xauth***** (* = random alphanumeric) and in the home directory of the normal user happened the following:
Code: | 4700 be/4 root 0.00 B/s 0.00 B/s 0.00 % 99.99 % X -nolisten tcp :0 -auth /home/<username>/.serverauth.4681 [amdgpu_cs:0] | .
I never ran the xserver as root. What is this?
Thanks in advance
Last edited by gorg86 on Wed Oct 25, 2017 3:57 am; edited 1 time in total |
|
Back to top |
|
|
Hu Moderator
Joined: 06 Mar 2007 Posts: 21624
|
Posted: Wed Oct 25, 2017 2:24 am Post subject: |
|
|
For historical reasons, the X server process runs with effective UID root even when you start it from a user shell. This is undesirable from a security perspective and there are efforts afoot to replace it with a different problem. For now, seeing X running as root is not necessarily an indication you did anything wrong.
For the .xauth files in root's home directory, I believe there is a PAM module pam_xauth.so that is responsible for this. Its purpose is to make it easier to misuse the system, by forwarding your user's X11 auth cookies to the root user, so that you can then easily run X11 client programs as root. If you do not run X11 programs as root (and you should not), you can eliminate this forwarding by disabling the line session optional pam_xauth.so in /etc/pam.d/su. |
|
Back to top |
|
|
gorg86 Apprentice
Joined: 20 May 2011 Posts: 299
|
Posted: Wed Oct 25, 2017 3:57 am Post subject: |
|
|
Thanks for the explanation.
I disabled that liine and .xauth* in the root directory is gone now. |
|
Back to top |
|
|
|