Re: install questions

To: debian-user@lists.debian.org
Subject: Re: install questions
From: Richard Cobbe <cobbe@directlink.net>
Date: Mon, 26 Feb 2001 21:22:36 -0600 (CST)
Message-id: <[🔎] 15003.7548.397621.606185@minbar.directlink.net>
In-reply-to: <[🔎] 20010226175601.O30315@plato.local.lan>
References: <[🔎] CEA8A0022F38D31190CC08002BB487E104A2275D@mail9.ntu.edu.sg> <[🔎] 20010226175601.O30315@plato.local.lan>

Lo, on Monday, February 26, Ethan Benson did write:

> On Tue, Feb 27, 2001 at 06:05:03AM +0800, #KUNDAN KUMAR# wrote:
> > Are you using su to run the xcnofig? If that is the case, try running "xhost
> > +" inside the termianal. Then run su and do the kernel compilation...
> > let's see if it works.. just a guess..
> 
> don't do that, that disables ALL X security and lets any bozo on your
> network or the internet to connect to and snoop your entire X
> session.  never do that unless you are not connected to ANY NETWORK! 
> 
> in short xhost + is a HUGE SECURITY HOLE

Absolutely.  Two options which are much better:

1) xhost +foo
    where foo is your local hostname.  Still not ideal, as this allows
    anyone who can log on to your machine full access to the X server, as
    Ethan described above.

2) xauth merge ~bar/.Xauthority
    where `bar' is the user who started X (or logged in at the *dm
    window).  This is the best situation, as it only allows the user who
    runs xauth access.

Richard

Reply to:

Follow-Ups:
- Re: install questions
  - From: Ethan Benson <erbenson@alaska.net>

References:
- RE: install questions
  - From: #KUNDAN KUMAR# <PA7128279@ntu.edu.sg>
- Re: install questions
  - From: Ethan Benson <erbenson@alaska.net>

Prev by Date: Re: HELP: i need to ping an ipx server
Next by Date: [ot] grub with 2 hard disks (was [OT] Grub)
Previous by thread: Re: install questions
Next by thread: Re: install questions
Index(es):
- Date
- Thread