The X authority file is a binary data file that contains
    information used to authorize connections to the X server on a
    system running DECwindows Motif Version 1.3 or higher.

    Each time a client application attempts to connect to an X
    server system that uses an authorization protocol, it references
    the current X authority file to determine the appropriate
    authorization key to apply in order to authenticate the
    connection. Each authorization key consists of the protocol name
    and token, which can be one of the following depending on the
    protocol in use:

    o  MIT-MAGIC-COOKIE-1 + random numeric code

    o  MIT-KERBEROS-5 + encrypted string (cached separately)

    By default, an X authority file is created automatically the
    first time a user logs into a desktop on a system configured
    for MIT-MAGIC-COOKIE-1 or MIT-KERBEROS-5 authentication.
    The file is stored in that user's OpenVMS login directory
    (SYS$LOGIN:DECW$XAUTHORITY.DECW$XAUTH). Each time the user
    subsequently logs into a desktop on that system, a new
    authorization key is generated, passed to the X server, and
    written to the user's X authority file. This key controls access
    to the X server during the DECwindows Motif session.

    A separate X authority file can be manually defined on a server
    level (using the DECW$SERVER_XAUTHORITY symbol) for those client
    applications that require access to the X server outside of the
    normal DECwindows Motif login process.

    If the SECURITY extension is enabled, authorization keys can also
    be manually generated. Manually-generated keys can be used to
    further restrict server access. The generated key is stored in
    the X authority file on the client system overwriting any value
    already present for the specified display server. The key can be
    distributed to different client systems to allow connections
    to a specific server and can be revoked to stop subsequent
    connections.

    Generated keys are assigned an authorization ID that associates
    the key with the user who generated the key. As a result, only
    the user who generated the key can revoke the key.