Bug#874096: xorg: X server SECURITY extension should be enabled
Source: xorg
Severity: normal
Dear Maintainer,
it seems that the X server SECURITY extension is not enabled / supported
by default. This extension is necessary for clients connecting via ssh
-X to a server, i.e. via untrusted ssh X forwarding.
While debian patches ssh to disable untrusted ssh X forwarding (i.e. ssh
-X is equivalent to ssh -Y), this is not true for all other
distributions. This results in X forwarding to fail when connecting from
a machine that uses the unpatched / upstream ssh client.
The SECURITY extension can be enabled via the --enable-xcsecurity build
flag.
See also https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221984
-- System Information:
Debian Release: 9.1
APT prefers stable
APT policy: (1000, 'stable'), (990, 'stable')
Architecture: amd64 (x86_64)
Locale: LANG=en_US.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Reply to: