http://bugzilla.novell.com/show_bug.cgi?id=450203 http://bugzilla.novell.com/show_bug.cgi?id=450203#c29 --- Comment #29 from Christian Boltz <suse-beta@cboltz.de> 2010-04-06 23:05:33 CEST --- (In reply to comment #28)
Would the security concern still apply if the file is located in ~/.kde4/Autostart folder?
Yes. It doesn't matter how/from where you call "xhost +local". As soon as it is called, every local user (including SSH logins etc.) can access the X server. As I said: it might be a _workaround_ on systems with only trusted users (or just one user at all ;-) xhost +local should never be a default setting, and I'm quite sure the security team will tell you the same if you ask them. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.