Mandag 13 juni 2005 16:05 skrev Paul Foerster: A reply to Paul Foerster, - yes, you're right about su/xhost and sux. And the security issues involved. I took the liberty to advocate su/host as I was not sure that sux is always present. I just checked my SuSE9.3 - and sux is there and works fine. - If the user is on his very own network behind a firewall, as would normally be the case in adomestic environment, I thought it was ok. Afterall, the "xhost +" goes away after next reboot if you forget to do xhost -. Thank you for your input! Best regards, Verner
Hi Verner,
Log into KDE as an ordinary user. Open a shell. Type xhost + Now go: su
... no, please never do this too, at least not in environments where other people work in the same subnet as you do (that includes home if your internet connection is not going thru a router).
Use "sux" instead of "xhost +" and "su". "sux" will do the display trick for you too so that you won't have to set the DISPLAY variable anymore. "xhost +" introduces a security hole. It even says so when you do it! It allows access to Xwindows functionality to ANYONE who knows your IP address or computer's name, not really a good idea, is it? If you insist on the "xhost" method then limit access to localhost at least: "xhost +localhost" or "xhost +127.0.0.1" But a plain "+" character means ANYONE here! And I mean ANYONE. And that's definitely not what you want.
Just do a "sux -" and you're on the safe side. -- cul8er
Paul paul.foerster@gmx.net
-- ------------------------------ Med venlig hilsen/Best regards Verner Kjærsgaard Open Source Academy www.os-academy.dk Denmark +45 56964223 +45 2014 5551 ------------------------------