Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] .xauth* and .serverauth* being created "randomly"
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
gorg86
Tux's lil' helper
Tux's lil' helper


Joined: 20 May 2011
Posts: 123

PostPosted: Tue Oct 24, 2017 9:08 am    Post subject: [SOLVED] .xauth* and .serverauth* being created "random Reply with quote

Hello folks,

I just noticed a strange behaviour on my machine when I was monitoring my disk usage with iotop (LXDE was running at that time):
In my root folder are files being created/changed named .xauth***** (* = random alphanumeric) and in the home directory of the normal user happened the following:
Code:
4700 be/4 root        0.00 B/s    0.00 B/s  0.00 % 99.99 % X -nolisten tcp :0 -auth /home/<username>/.serverauth.4681 [amdgpu_cs:0]
.

I never ran the xserver as root. What is this?

Thanks in advance


Last edited by gorg86 on Wed Oct 25, 2017 3:57 am; edited 1 time in total
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 13509

PostPosted: Wed Oct 25, 2017 2:24 am    Post subject: Reply with quote

For historical reasons, the X server process runs with effective UID root even when you start it from a user shell. This is undesirable from a security perspective and there are efforts afoot to replace it with a different problem. For now, seeing X running as root is not necessarily an indication you did anything wrong.

For the .xauth files in root's home directory, I believe there is a PAM module pam_xauth.so that is responsible for this. Its purpose is to make it easier to misuse the system, by forwarding your user's X11 auth cookies to the root user, so that you can then easily run X11 client programs as root. If you do not run X11 programs as root (and you should not), you can eliminate this forwarding by disabling the line session optional pam_xauth.so in /etc/pam.d/su.
Back to top
View user's profile Send private message
gorg86
Tux's lil' helper
Tux's lil' helper


Joined: 20 May 2011
Posts: 123

PostPosted: Wed Oct 25, 2017 3:57 am    Post subject: Reply with quote

Thanks for the explanation.
I disabled that liine and .xauth* in the root directory is gone now.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum