[603] in bugtraq
Re: Xwindows security?
daemon@ATHENA.MIT.EDU (Benjamin Fried)
Tue Jan 10 17:47:46 1995
Date: Tue, 10 Jan 1995 13:10:45 -0500
From: bf@morgan.com (Benjamin Fried)
To: bet@std.sbi.com (Bennett Todd)
Cc: mouse@Collatz.McRCIM.McGill.EDU (der Mouse), ddk@beta.lanl.gov,
bugtraq@fc.net, e41126@rl.gov
In-Reply-To: <9501091927.AA21736@std.sbi.com>
>>>>> "Bennett" == Bennett Todd <bet@std.sbi.com> writes:
[...]
Bennett> Don't try to convince all your users to set up xauth(1);
Bennett> that's a hideous job, made vastly harder than it should be
Bennett> by the cryptic documentation, and the lack of a secure
Bennett> standard cookie generator. Instead fix the standard startup
Bennett> script that users invoke, so that they begin running with
Bennett> proper authentication. There's still some education
Bennett> involved; you've gotta also develop suitable tools for
Bennett> helping them pass cookies around wherever they need to, and
Bennett> teach them how to use them; but I think the bulk of the job
Bennett> lies in automating the setup and use of Xauthority so it's
Bennett> no additional bother for users.
I agree wholeheartedly, especially that better tools are needed to make
it easy for users to pass around the keys to their display.
Xhost actually has one advantage, of a sort, over xauth: users of xhost
can grant access, and later take that access away. Xauth doesn't permit
this: there's no way to revoke a key to your display. You've got to
restart the X server. Once you've given a key to someone, you can't
take it away. What's needed is a way to dynamically create new,
different keys for your display, and to be able to tell the X server to
individually enable and disable them.
Ben