Bugtraq mailing list archives
X Window System security
From: gildea () x org (Stephen Gildea)
Date: Wed, 11 Jan 1995 11:13:48 EST
There are already good tools for setting up keys and passing them around. xdm sets up keys. xrsh passes them to remote clients. Host-based authorization isn't the only revokable access method. Anything that has principals, rather than passwords, has this advantage. In X11R6 there are two such schemes, MIT-KERBEROS-5 and SUN-DES-1. (SUN-DES-1 was also in R5.) So while you can't take an MIT-MAGIC-COOKIE away from someone, you can deny KRB:gildea () x org further connection rights. See the Xsecurity(1) manual page for details. Note that none of these methods allow you to revoke the authorization of an already-connected client. < Stephen X Consortium
Current thread:
- Re: Xwindows security?, (continued)
- Re: Xwindows security? Adam Shostack (Jan 11)
- Re: Xwindows security? Darren Reed (Jan 11)
- Re: Xwindows security? Jim McCoy (Jan 11)
- Re: Xwindows security? Julian Assange (Jan 13)
- Re: Xwindows security? Timothy Newsham (Jan 11)
- about /usr/etc/chill *Hobbit* (Jan 11)
- mountd keeps vanishing (!) Eric Berggren (Jan 11)
- Re: mountd keeps vanishing (!) Eric Kimminau (Jan 12)
- Re: mountd keeps vanishing (!) Karl Strickland (Jan 12)
- Re: mountd keeps vanishing (!) Pete Shipley (Jan 14)
- X Window System security Stephen Gildea (Jan 11)
- Re: Xwindows security? Benjamin Fried (Jan 10)
- xcrowbar Dave Goldberg (Jan 11)
- xcrowbar/ident for x Nathan Lawson (Jan 11)