Re: xhost

From: Darren Moffat (Darren.Moffat@Sun.COM)
Date: 05/29/02


Date: Wed, 29 May 2002 11:09:23 -0700 (PDT)
From: Darren Moffat <Darren.Moffat@Sun.COM>
To: jim.small@eds.com


>However, if someone knows a better way, please let me know!

One possibility is to take the xhost command from the X Consortium
distribution and remove the code that manipulates Host Access and
use your xhost binary.

However there is nothing to stop an admin with root replacing the
binary with the original or using their own private copy of xhost.

I think this is an issue best dealt with by training and demonstration
of the security risks - show them copies of their mail reader/browser
windows taken because they had done xhost +.

--
Darren J Moffat