Re: X-windows security in Gnome
- From: Alan Cox <alan redhat com>
- To: Brian Cameron Sun COM
- Cc: otaylor redhat com, gnome-hackers gnome org
- Subject: Re: X-windows security in Gnome
- Date: Fri, 17 May 2002 07:36:52 -0400 (EDT)
> Jim also says (regarding using "xhost +"):
> One response is "don't do that"; but that is a bit of a cop-out, IMHO.
Not really. If you are not using pure encrypted connections any idiot can
take over your session. Anyone can see what you are doing and in any
business environment with the slightest notion of security requirements I'd
hope people got into trouble for it.
Xsecurity is useful but primarily for things like combining with NSA
seclinux and RSBAC to do compartmentalising of application sets. Also it
might not be a bad idea if mozilla partitioned its plugins that way a bit
more.
xhost + is generally dumb
export DISPLAY=someotherbox:0 is generally dumb too
_______________________________________________
gnome-hackers mailing list
gnome-hackers gnome org
http://mail.gnome.org/mailman/listinfo/gnome-hackers
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]