Bug#874096: marked as done (xorg: X server SECURITY extension should be enabled)

To: Julien Cristau <jcristau@debian.org>
Subject: Bug#874096: marked as done (xorg: X server SECURITY extension should be enabled)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Mon, 04 Sep 2017 13:06:08 +0000
Message-id: <[🔎] handler.874096.D874096.150453023511271.ackdone@bugs.debian.org>
Reply-to: 874096@bugs.debian.org
References: <984dc3ba-0971-ce26-707b-96e95d2c9690@debian.org> <[🔎] 150441986902.32508.13683666288408224988.reportbug@riseup.net>

Your message dated Mon, 4 Sep 2017 14:55:01 +0200
with message-id <984dc3ba-0971-ce26-707b-96e95d2c9690@debian.org>
and subject line Re: Bug#874096: xorg: X server SECURITY extension should be enabled
has caused the Debian Bug report #874096,
regarding xorg: X server SECURITY extension should be enabled
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
874096: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874096
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: xorg: X server SECURITY extension should be enabled
From: "root" <ch4r@riseup.net>
Date: Sun, 03 Sep 2017 06:24:29 +0000
Message-id: <[🔎] 150441986902.32508.13683666288408224988.reportbug@riseup.net>

Source: xorg
Severity: normal

Dear Maintainer,

it seems that the X server SECURITY extension is not enabled / supported
by default. This extension is necessary for clients connecting via ssh
-X to a server, i.e. via untrusted ssh X forwarding.

While debian patches ssh to disable untrusted ssh X forwarding (i.e. ssh
-X is equivalent to ssh -Y), this is not true for all other
distributions. This results in X forwarding to fail when connecting from
a machine that uses the unpatched / upstream ssh client.

The SECURITY extension can be enabled via the --enable-xcsecurity build
flag.

See also https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221984


-- System Information:
Debian Release: 9.1
  APT prefers stable
  APT policy: (1000, 'stable'), (990, 'stable')
Architecture: amd64 (x86_64)

Locale: LANG=en_US.UTF-8, LC_CTYPE=zh_CN.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

--- End Message ---

--- Begin Message ---

To: root <ch4r@riseup.net>, 874096-done@bugs.debian.org

Subject: Re: Bug#874096: xorg: X server SECURITY extension should be enabled

From: Julien Cristau <jcristau@debian.org>

Date: Mon, 4 Sep 2017 14:55:01 +0200

Message-id: <984dc3ba-0971-ce26-707b-96e95d2c9690@debian.org>

In-reply-to: <[🔎] 150441986902.32508.13683666288408224988.reportbug@riseup.net>

References: <[🔎] 150441986902.32508.13683666288408224988.reportbug@riseup.net>
On 09/03/2017 08:24 AM, root wrote:
> Source: xorg
> Severity: normal
> 
> Dear Maintainer,
> 
> it seems that the X server SECURITY extension is not enabled / supported
> by default. This extension is necessary for clients connecting via ssh
> -X to a server, i.e. via untrusted ssh X forwarding.
> 
This statement looks mistaken to me, as far as I can tell the SECURITY
extension is enabled.

Cheers,
Julien
--- End Message ---

Reply to:

References:
- Bug#874096: xorg: X server SECURITY extension should be enabled
  - From: "root" <ch4r@riseup.net>

Prev by Date: Re: Aw: Re: libglx0
Next by Date: Bug#786873: marked as done (xserver-xorg-video-openchrome: does not show any graphics-output)
Previous by thread: Bug#874096: xorg: X server SECURITY extension should be enabled
Next by thread: Bug#786873: marked as done (xserver-xorg-video-openchrome: does not show any graphics-output)
Index(es):
- Date
- Thread