Mailinglist Archive: opensuse (4547 mails)

< Previous Next >
Re: [SLE] export DISPLAY and xhost +
  • From: Sid Boyce <sboyce@xxxxxxxxxxxxxxxx>
  • Date: Wed, 26 May 2004 12:34:11 +0100
  • Message-id: <40B480B3.1080307@xxxxxxxxxxxxxxxx>
John Andersen wrote:

On Tuesday 25 May 2004 15:14, Sid Boyce wrote:

X11 forwarding should be enabled with caution. Users with the
ability to bypass file permissions on the remote host (for the
user's X authorization database) can access the local X11 display
through the forwarded connection. An attacker may then be able
to perform activities such as keystroke monitoring.

Now I'm a bit puzzled.

Users with the ability to bypass file permissions put you at
risk of being owned, and X11 forwarding will not be an
issue nor will absense of it be a problem for said hackers.

That makes general sense, it was just that the manpage seemed to highlight this as a problem only associated with ssh -X.

Sid Boyce .... Hamradio G3VBV and keen Flyer
Linux Only Shop.

< Previous Next >
Follow Ups