On Wed, 2015-08-19 at 20:01 -0700, Nikolaus Rath wrote: > Until now, I did not know how much trust I'm actually putting into > the > remote server when using -X (on Debian). I'll probably continue to > use > it in the majority of cases (because the alternatively seems rather > useless), but in my opinion it would be great if it could be somehow > communicated to the user what -X really implies. Hmm the best thing would be if one could make X forwarding actually secure. I once proposed the idea[0] to e.g. use something like Xephyr as destination for any forwardings; probably at least one instance per host/user, possibly even per connection. The idea was that the client automatically spawns Xephyr as necessary (with options that e.g. forbid fullscreen, focus stealing, clipboard stealing, keylogging and that like). But at least to me it's not even clear whether Xephyr would really add security so that my idea works, or whether it basically just passes everything on (as X protocol) to the actual X server. So perhaps one would need something else,... like VNC... X forwarding drawn to jpegs ;-) > I believe sudo prints an extensive warning on first invocation (and > uses > a flag file ~/.sudo_as_admin_successfull to be less verbose after > that) - maybe ssh could do something similar? If, then something like this should go upstream... and they may argue that they ship OpenSSH anyway with safe defaults. Cheers, Chris. [0] https://bugzilla.mindrot.org/show_bug.cgi?id=1926
Attachment:
smime.p7s
Description: S/MIME cryptographic signature