Re: X-windows security in Gnome



> 
> xhost + is generally dumb
> export DISPLAY=someotherbox:0 is generally dumb too
> 

Particularly dumb these days with SSH; one should generally use its
tunneling facilities to provide encryption (and potentially compression,
as well).

It may be good to see if using this extension gets us easy (and transparent
to applications) support for Kerb5 when installed with fall back to
magic-cookie; as I said, I've never delved into it.  But the compartmented
mode security features always struck me as daft.

What would also be really good would be to get a cleaner integration of
use of ssh with X applications...  Hmmm....  The potential is there
to really "do it right" if someone wants to take it on...

				- Jim

--
Jim Gettys
Cambridge Research Laboratory
HP Labs, Hewlett-Packard Company
Jim Gettys hp com

_______________________________________________
gnome-hackers mailing list
gnome-hackers gnome org
http://mail.gnome.org/mailman/listinfo/gnome-hackers



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]