[Pkg-xfce-devel] Bug#721744: Pollutes home with .Xauthority.* files (with bad permissions)

Yuri D'Elia yuri.delia at eurac.edu
Tue Sep 3 17:10:45 UTC 2013

Package: lightdm
Version: 1.6.0-3
Severity: important

I noticed this issue a couple of months ago.

lightdm likes to create (backup?) copies of .Xauthority files for some reason.
I never paid attention to the dynamics, but I have a dozen .Xauthority.* files
in my ~ which look like stale cookies and/or temporary files created by
mkstemp(2) or a similar function.

Moreover, all these files, *including* the current .Xauthority file are created
0644, which is a (grave) security issue by itself.

This effect also seems to be reported in ubuntu, with no action:


-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (900, 'unstable'), (800, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.10-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages lightdm depends on:
ii  adduser                                3.113+nmu3
ii  consolekit                             0.4.5-3.1
ii  dbus                                   1.6.12-1
ii  debconf [debconf-2.0]                  1.5.51
ii  libc6                                  2.17-92+b1
ii  libgcrypt11                            1.5.3-2
ii  libglib2.0-0                           2.36.4-1
ii  libpam0g                               1.1.3-9
ii  libxcb1                                1.9.1-3
ii  libxdmcp6                              1:1.1.1-1
ii  lightdm-gtk-greeter [lightdm-greeter]  1.6.0-1

Versions of packages lightdm recommends:
ii  xserver-xorg  1:7.7+3

Versions of packages lightdm suggests:
pn  accountsservice  <none>
pn  upower           <none>

-- debconf information:
  lightdm/daemon_name: /usr/sbin/lightdm
* shared/default-x-display-manager: lightdm

More information about the Pkg-xfce-devel mailing list