summaryrefslogtreecommitdiff
path: root/specs/SIAddresses/localuser.txt
diff options
context:
space:
mode:
Diffstat (limited to 'specs/SIAddresses/localuser.txt')
-rw-r--r--specs/SIAddresses/localuser.txt20
1 files changed, 20 insertions, 0 deletions
diff --git a/specs/SIAddresses/localuser.txt b/specs/SIAddresses/localuser.txt
new file mode 100644
index 0000000..e67ff01
--- /dev/null
+++ b/specs/SIAddresses/localuser.txt
@@ -0,0 +1,20 @@
+Server-interpreted Authentication Types "localuser" and "localgroup":
+
+On systems which can determine in a secure fashion the credentials of a client
+process, the "localuser" and "localgroup" authentication methods provide access
+based on those credentials. The format of the values provided is platform
+specific. For POSIX & UNIX platforms, if the value starts with the character
+'#', the rest of the string shall be treated as a decimal uid or gid, otherwise
+the string is defined as a user name or group name.
+
+Systems offering this MUST not simply trust a user supplied value (such as an
+environment variable or IDENT protocol response). It is expected many systems
+will only support this for clients running on the same host using a local IPC
+transport.
+
+Examples:
+ xhost +SI:localuser:alanc
+ xhost +SI:localuser:#1234
+ xhost +SI:localgroup:wheel
+ xhost +SI:localgroup:#0
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 13:07:58 +0000