by mail.netbsd.org with SMTP; 24 Jul 2000 20:03:28 -0000
	by polderland.nl (8.9.3/8.9.3) id WAA03720;
	Mon, 24 Jul 2000 22:02:53 +0200 (CEST)
Date: Mon, 24 Jul 2000 22:02:53 +0200
From: Olaf Seibert <rhialto@polderland.nl>
To: John Kohl <jtk@kolvir.arlington.ma.us>
Cc: perry@wasabisystems.com, tls@rek.tjls.com, tech-x11@netbsd.org,
        tech-security@netbsd.org
Subject: Re: Weekly BSD Security Digest 2000/07/10 to 2000/07/16
Message-ID: <20000724220253.A2870@polderland.nl>
References: <87bsznh1fm.fsf@snark.piermont.com> <200007241825.OAA22405@kolvir.arlington.ma.us>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <200007241825.OAA22405@kolvir.arlington.ma.us>

On Mon 24 Jul 2000 at 14:25:26 -0400, John Kohl wrote:
> No need for any coding work, I think.  You just need to remove the
> chooser stuff from /usr/X11R6/lib/X11/xdm/Xaccess (comment out the
> CHOOSER BROADCAST and "any host can get a login window" lines).

To my annoyance, I noticed that something like that was already done in
the 1.4.2 xdm configuration. It took me a while to find, since the
setting was hidden at the bottom of (I think, cannot check right now)
xdm-config. All other config files, including Xaccess, suggested that
network xdm logins were configured correctly so I had to resort to
diffing old config files with new ones to find the problem. Even running
with debug output was not revealing anything.

In other words, this was not clearly documented, so far as I could see
only above the very same config line that was the culprit. And yes, the
only need I have for xdm is for logins over the net.

> ==John Kohl <jtk@kolvir.arlington.ma.us>, <john_kohl@alum.mit.edu>
-Olaf.
-- 
___ Olaf 'Rhialto' Seibert - rhialto@polder   -- Ah only did well at school
\X/ land.nl      -- tae git intae an O level class tae git away fae Begbie.
Hi! I am a .signature virus. Copy me into your .signature to help me spead.