Re: Xwindows security?

[bf () morgan com (Benjamin Fried)]

> > > > > "Bennett" == Bennett Todd <bet () std sbi com> writes:

[...]
    
    Bennett> Don't try to convince all your users to set up xauth(1);
    Bennett> that's a hideous job, made vastly harder than it should be
    Bennett> by the cryptic documentation, and the lack of a secure
    Bennett> standard cookie generator. Instead fix the standard startup
    Bennett> script that users invoke, so that they begin running with
    Bennett> proper authentication. There's still some education
    Bennett> involved; you've gotta also develop suitable tools for
    Bennett> helping them pass cookies around wherever they need to, and
    Bennett> teach them how to use them; but I think the bulk of the job
    Bennett> lies in automating the setup and use of Xauthority so it's
    Bennett> no additional bother for users.

I agree wholeheartedly, especially that better tools are needed to make
it easy for users to pass around the keys to their display.

Xhost actually has one advantage, of a sort, over xauth: users of xhost
can grant access, and later take that access away.  Xauth doesn't permit
this: there's no way to revoke a key to your display.  You've got to
restart the X server.  Once you've given a key to someone, you can't
take it away.  What's needed is a way to dynamically create new,
different keys for your display, and to be able to tell the X server to
individually enable and disable them.

Ben