Re: X-windows security in Gnome

From: <Jim Gettys hp com>
To: Alan Cox <alan redhat com>
Cc: Brian Cameron Sun COM, otaylor redhat com, gnome-hackers gnome org
Subject: Re: X-windows security in Gnome
Date: Fri, 17 May 2002 10:51:22 -0700 (PDT)

> 
> xhost + is generally dumb
> export DISPLAY=someotherbox:0 is generally dumb too
> 

Particularly dumb these days with SSH; one should generally use its
tunneling facilities to provide encryption (and potentially compression,
as well).

It may be good to see if using this extension gets us easy (and transparent
to applications) support for Kerb5 when installed with fall back to
magic-cookie; as I said, I've never delved into it.  But the compartmented
mode security features always struck me as daft.

What would also be really good would be to get a cleaner integration of
use of ssh with X applications...  Hmmm....  The potential is there
to really "do it right" if someone wants to take it on...

				- Jim

--
Jim Gettys
Cambridge Research Laboratory
HP Labs, Hewlett-Packard Company
Jim Gettys hp com

_______________________________________________
gnome-hackers mailing list
gnome-hackers gnome org
http://mail.gnome.org/mailman/listinfo/gnome-hackers

Follow-Ups:
- Re: X-windows security in Gnome
  - From: Alan Cox
- Re: X-windows security in Gnome
  - From: Gregory Leblanc

References:
- Re: X-windows security in Gnome
  - From: Alan Cox

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]