Re: Disabling xhost(1) Access Control
From: Alexey Koptsevich (kopts@astro.ioffe.rssi.ru)
Date: 04/06/01
- Next message: Q Yai QQ: "Re: ntpd patch"
- Previous message: Kirk Reed: "Unsubscribe"
- Maybe in reply to: Alexey Koptsevich: "Re: Disabling xhost(1) Access Control"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 6 Apr 2001 16:05:32 +0400 (MSD) From: Alexey Koptsevich <kopts@astro.ioffe.rssi.ru> To: Per Kristian Hove <perhov@math.ntnu.no>, Johan Danielsson <joda@pdc.kth.se>
Hello,
> | If you want to do that there are at least two places you have to
> | change the behaviour in programs/Xserver/os/access.c:
> |
> | * for the `xhost +' case change ChangeAccessControl(), to only succeed
> | for the enable case (paranoid people use `xhost -' routinely).
> |
> | * for `xhost +host' change AddHost() to your liking (ifdef out
> | FamilyInternet).
>
> If you're paranoid, you should also change the default behaviour
> of InvalidHost() [also in access.c] to return 1 instead of 0 if
> AccessEnabled isn't set [if you're running with `xhost +', that
> is]. This is where the access check actually takes place.
Sorry, could you write what exactly should I change in the code?
Thanks a lot,
Alex
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Q Yai QQ: "Re: ntpd patch"
- Previous message: Kirk Reed: "Unsubscribe"
- Maybe in reply to: Alexey Koptsevich: "Re: Disabling xhost(1) Access Control"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
