[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: security hole in X????

>>>>> "CC" == Carlos Carvalho <carlos@riglos.fisica.ufpr.br> writes:

CC> The problem is that, with telnet, windows started on the remote
CC> machine open without problems in the local display, even without
CC> giving a xhost <remote> on the local machine. Is this correct? It only
CC> happens if you are the same user on both machines.

You don't have the same home directory on both machines? In that case,
the .Xauthority file is shared and the clients on the remote machine
know the magic cookie for the display. (all this assuming that you use
either xdm or another way to start your X-server with the -auth

Otherwise, could there be something in your sequence of startup files
which changes the access list of the server?

   Dr. Lukas Nellen                 | Email: lukas@teorica0.ifisicacu.unam.mx
   Depto. de Fisica Teorica, IFUNAM |
   Apdo. Postal 20-364              | Tel.:  +52 5 622 5014 ext. 218
   01000 Mexico D.F., MEXICO        | Fax:   +52 5 622 5015

Reply to: