Hi all,
the question is simple,
why xauth doesn't work?

I have linux installed with default options but xauth doesn't work. I have already checked the file xdm-config and the lines needed to xauth are already set to true value.

If i launch "xauth list" i see that at every boot it generates new cookies

But how is possible that every client around me can launch applications using my X server? It seems that xauth absolutely doesn't control the host client cookie, it just allows everyone to use X server


I have searched information all over the world, i can't really understand how this damned xauth works.

It isn't true that it checks cookies because anyone can connects, just make sure that xhost is disable and everyone is free to do what he wants.

So what do i have to do??

The best information i have found is to check xdm-config to make sure that some lines are set to true but they are already set to this status

I have found this behaviour in 3 different linux machines.

This time i am really lost, i have search in more
than 5 books and all over internet...please help me if you want

thanks in advance

Xauth is easy, the most common application is this:
Suppose you log in as user1, you want to allow user2 to be able to open the display of user1.

*
under <user1>:
$xauth list
*
under <user2>:


Now in your case it is not using x auth mechanism, I see three reasons:

* you have a xhost + somewhere which removes all check
from <user1> try
and retry as <user2> to open a window
* your xserver is launched in mode 'no auth required' with option -ac.
try
* there is a link from <user2>/.xauthority to <user1>/.xauthority and <user2> has read access to <user1>/.xauthority. This is a big security risk. ( Only /root/.Xauthority could be linked to /home/user1/.Xauthority and as root has read access to this latter then it allows root to access the Xdisplay of user1)

thanks, now it works

I didn't think that it needs xhost control active.

bye!