Bug 216236

Summary: tcltk send command doesn't work on FC6 display
Product: [Fedora] Fedora Reporter: Guy Jennings <jennings>
Component: tkAssignee: Marcela Mašláňová <mmaslano>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-11-29 09:06:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Guy Jennings 2006-11-17 22:01:10 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5; Darwin) KHTML/3.5.4 (like Gecko)

Description of problem:
The tcl/tk 'send' command no longer works between 2 windows on an FC6 display.  You get 
the error 'X server insecure (must use xauth-style authorization); command ignored'

The 'winfo interp' command correctly lists the other windows.


Version-Release number of selected component (if applicable):


How reproducible:
Always


Steps to Reproduce:
1. start two copies of 'wish' from two terminal windows.
2. two windows titled 'wish' and 'wish #2' should open.
3. In the terminal that started 'wish #2' type 'send wish ls'


Actual Results:
You get the error:

X server insecure (must use xauth-style authorization); command ignored

Expected Results:
The ls command should have run.

Additional info:
Seems to be a problem with the X display configuration - you also get the same behavior 
with
remote tcltk processes running on other systems.
Comment 1 Marcela Mašláňová 2006-11-21 09:13:37 UTC 
I found in file changes from upstream:
4/26/93 (new feature) Implemented security check for "send" as proposed        
                                              
by Bennett Todd: incoming sends are now rejected unless (a) xhost-style        
                                              
access control is enabled and (b) the list of authorized hosts is              
                                              
empty.  In other words, you have to use xauth to use send.  This feature       
                                              
can be disabled by setting the TK_NO_SECURITY flag at compile-time.

Please try this way.
Comment 2 Guy Jennings 2006-11-21 17:37:47 UTC 
The problem is most likely not with tcltk, but rather with the X server authentication in FC6.  The send 
command worked correctly in FC5 and works correctly between two wish processes running on an FC6 
machine but displayed remotely on a non-FC6 display via ssh (using the '-Y' option to ssh).

The upstream 'change' you mention was added to tk 1.3, 13 years ago!  I don't think it is the problem.
Comment 3 Marcela Mašláňová 2006-11-28 10:07:29 UTC 
Yes, that's true, it was functional in previous fedora. But your programme was
still unsecure accordance with upstream howto. 
Please see upstream http://wiki.tcl.tk/1829 for more information.
Comment 4 Guy Jennings 2006-11-28 20:41:52 UTC 
I followed the suggestions in http://wiki.tcl.tk/1829, and http://wiki.tcl.tk/1831
Running 'xhost' gives the output:

access control enabled, only authorized clients can connect
SI:localuser:jennings

If I then do

xhost -SI:localuser:jennings

the 'send' command works once more.
Comment 5 Marcela Mašláňová 2006-11-29 09:06:22 UTC 
Using xhost is more safer and it's in accordance with manual of tctlk.