Re: xhost

From: Patrick Morris (pmorris@wilshire.com)
Date: 05/29/02


Date: Wed, 29 May 2002 10:20:58 -0700
From: Patrick Morris <pmorris@wilshire.com>
To: "Small, Jim" <jim.small@eds.com>

A relatively simple solution to this might be to go ahead and disable
xhost, then have admins use SSH to forward their X sessions.

On Wed, 29 May 2002, Small, Jim wrote:

> Unfortunately in this situation, someone can simply do an xhost +. A script
> is not viable, because since this is a server and only admins will be using
> it, they would easily be able to get around any script. That's why I'm
> inclined to think the only sure way is to delete the xhost command.



Relevant Pages

  • Re: xhost
    ... then have admins use SSH to forward their X sessions. ... someone can simply do an xhost +. ... SSH is a good solution. ... you can use SSH with Xforward or Xroute in combination. ...
    (Focus-SUN)
  • Re: ssh -X shop problem...
    ... Gene Heskett wrote: ... using fake authentication data for X11 forwarding. ... "gene" can't run X applications on the local system at that point, and neither can he forward X over ssh. ... Since you've used xhost to add permission to something other than localhost, you probably misunderstand how X forwarding works. ...
    (Fedora)
  • Re: Whats the deal on the -X vs -Y thing?
    ... nor do they have admins who would be responsive ... industry looks to OpenSSH for their ssh solution, ... deep-ssh cannot handle this kind of syntax in its current form. ... > This enhanced client would only be needed on the originating host. ...
    (comp.security.ssh)
  • Re: Securing SSH
    ... I agree, one should never use xhost +, this undoes all the work done by the ... -X or -Y ssh options. ... In fact using ssh -Y user@remote is good enough. ... > You should then see the Xclock on your system from the remote system. ...
    (Fedora)
  • Re: xhost RHEL3 != RHEL4
    ... I find no need to use xhost in RHEL4. ... But I did find I needed to allow X in the ssh command. ... From RHEL3 to RHEL4 there was some security improvements on gdm.conf file. ... set the DISPLAY and open the remote X windows. ...
    (RedHat)