[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#765632: option -Y should DWIM regardless of consequences

Debian ought to release ssh to DWIM according to the manual.

Hiding the implicit -Y option with -X only perpetuates the security
risk in the community.

Changing the default to "ForwardX11Trusted no" will force people to
use -Y and be aware they are exposing their local X to risks from
compromised software on the remote host.

This will also provide impetus for developers of common utilities and
other distros to fix their software so it does not require a trusted
connection.  Like, why should I need a trusted connection to run
`gvim` through ssh?  It should only have to access information on the
remote side, and should only be allowed to use X drawing controls on
the local side.

The main point, is that implementing defaults so -X and -Y DWIM
according to the manual will make people aware of the security risk
they take when they use ForwardX11Trusted.

It is the Debian community's responsibility not to hide security risks
from its users.

Removing the ForwardX11Trusted default will be painful medicine, but
it is medicine the kiddies have to take, for their own good.

Mark Hedges, software engineer
Business info:  http://formdata.biz/

Reply to: