Bugtraq mailing list archives

Sun recommends users run 'xhost +' in StarOffice FAQ


From: pinkfreud () ORODRUIN MIRKWOOD NET (PinkFreud)
Date: Sun, 26 Sep 1999 15:16:50 -0400


Now that Sun has bought the creators of StarOffice, they have taken over
support of the product.  This support, unsurprisingly, includes FAQs on
their website.  While perusing the online documentation recently, I came
across the following Q+A, located at:

http://www.sun.com/products/staroffice/techfaq-unix.html

  During a network installation, setup was carried out on the
  server under root with /NET parameter, followed by a log-in on
  the server via user name and by starting setup from the bin
  directory. Nothing happened. What is the problem? SuSE 6.0.
  The user version shall be installed on the server as well.

  This problem may be due to the fact that an X application is not
  permitted to run on an X belonging to another user. You should try the
  following: 'xhost +' and then 'export DISPLAY=:0.0' in the shell from
  which you would like to start the setup. Otherwise we recommend
  referring to the man pages 'man xhost' and 'man xauth'.

While specifying 'xhost +' may be an easy way of solving a permission
problem, it's also a large security risk, as it disables all security for
the X server it's run on.  Considering that the majority of people who are
having that difficulty are probably fairly new to Linux, and *nix in
general, most will probably blindly take Sun's suggestion, and disable
security on their X server until they wind up restarting it.

I'm sure most of us know what can be done on an X server without security,
so I won't go into that.

Sun has been notified of this issue via their website - as of yet, I have
not received a response from them.

Mike (PinkFreud) @ Mirkwood.Net
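
[Added example, not part of the original post or of Sun's FAQ: a shell function that reads the output of 'xhost' (run with no arguments) and reports whether access control is in the state 'xhost +' leaves behind. The function name, exit-status convention and sample output are constructed for illustration.]

```shell
#!/bin/sh
# audit_xhost: classify the output of `xhost` (no arguments) read on stdin.
# Exit status (a convention chosen for this example):
#   0  access control enabled, no host-wide entries
#   1  access control enabled, but host-wide entries are on the list
#   2  access control disabled, the state 'xhost +' leaves behind
#   3  output not recognised
audit_xhost() {
    status=3
    while IFS= read -r line; do
        case "$line" in
            "access control disabled"*)
                echo "CRITICAL: any client from any host may connect"
                status=2 ;;
            "access control enabled"*)
                if [ "$status" -eq 3 ]; then status=0; fi ;;
            "")
                ;;
            SI:localuser:*)
                echo "info: single local user allowed: ${line#SI:localuser:}" ;;
            *)
                # INET:, INET6:, LOCAL: or a bare host name trusts every
                # user on that host, not one account.
                echo "WARNING: host-wide entry: $line"
                if [ "$status" -lt 2 ]; then status=1; fi ;;
        esac
    done
    return "$status"
}

# Constructed sample: what xhost reports after 'xhost +' has been run.
SAMPLE_OPEN='access control disabled, clients can connect from any host
SI:localuser:mike'

printf '%s\n' "$SAMPLE_OPEN" | audit_xhost || echo "exit status: $?"
```

On a live display the check is 'xhost | audit_xhost'; 'xhost -' turns access control back on without restarting the X server.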

