Re: Disabling X server access control

From: Thorsten Küfer (thorsten.kuefer_at_uni-muenster.de)
Date: 01/12/05

  • Next message: Gandalf Parker: "Re: Compromised user account, consequences?"
    Date: Wed, 12 Jan 2005 09:27:33 +0100
    
    

    Menno Duursma wrote:
    > On Tue, 11 Jan 2005 16:21:59 +0100, Thorsten Küfer wrote:
    >
    >>I used to disable the access control of the X server with 'xhost +' so that
    >>I can easily connect as root.
    >
    > Better to use XAUTHORITY (and/or forwanding over SSH.)
    >
    >>What possibilities does this provide to other people?
    >
    > Lots ...
    >
    >>If they can connect, can they see my desktop
    >
    > Yes: xwd / xwud
    >
    >>or grap my keyboard?
    >
    > Probably: xspy

    Oh, that's not very calming. What one silly command can do...

    Thank you
    Thorsten


  • Next message: Gandalf Parker: "Re: Compromised user account, consequences?"