[189] in Kerberos
re: "solving" the xhost problem
jon@ATHENA.MIT.EDU (jon@ATHENA.MIT.EDU)
Sun Aug 9 21:39:50 1987
From Saltzer@ATHENA.MIT.EDU Fri Mar 27 17:57:34 1987
Subject: re: "solving" the xhost problem
To: Jerome H. Saltzer <Saltzer@ATHENA.MIT.EDU>
Cc: Ralph R. Swick <swick@ATHENA.MIT.EDU>, geer@ATHENA.MIT.EDU,
treese@ATHENA.MIT.EDU, kerberos@ATHENA.MIT.EDU, jis@ATHENA.MIT.EDU,
lbm@ATHENA.MIT.EDU
In-Reply-To: Jerome H. Saltzer <Saltzer@ATHENA.MIT.EDU>'s message of
Fri, 27 Mar 87 16:10:45 EST
From: Jerome H. Saltzer <Saltzer@ATHENA.MIT.EDU>
Originating-Client: <E40-391A-1.MIT.EDU>
Jeff offered his own version of my suggestion; his is one step
simpler. Rather than fabricating a ticket-granting ticket for a
mini-realm, the workstation running the X server could simply
fabricate a ticket that its X server would honor. It could construct
one that appears to be from the default realm. Doing so would
simplify life for the time-sharing host at the other end which
currently isn't equipped to keep track of tickets that come from a
variety of realms.
Ralph points out that there is another, more difficult, application
that is also of interest: the granting of permission to a completely
different user to open a window on your workstation. If we assume
that the foreign user starts by requesting attachment via Zephyr,
which has authenticated the user's identity, and that the workstation
can trust Zephyr because it has a ticket for communication with
Zephyr, then the same mechanism could be used there: the workstation
fabricates an X ticket it will honor, and sends that ticket to the
foreign user, who sends it back to the X port. This approach
requires a hand-hold inside Zephyr, to get a ticket-containing
message back to a user who has used Zephyr to contact your
workstation.
Jerry
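
An added sketch of the mechanism described in the message above: the workstation fabricates a ticket, and its own X server checks it when the foreign user presents it. This is not code from the original message or from Project Athena. It substitutes HMAC-SHA256 for Kerberos ticket encryption, and all function names, principals, realms and addresses are constructed for illustration.

```python
import base64, hashlib, hmac, json, secrets

# Assumption: the key is known only to this workstation and its own X server
# (same machine), so no KDC is involved in issuing or checking the ticket.
def new_server_key() -> bytes:
    return secrets.token_bytes(32)

def mint_x_ticket(key, principal, realm, client_addr, now, lifetime=300):
    """Workstation side: fabricate a ticket naming who may open a window."""
    body = json.dumps({"principal": principal, "realm": realm,
                       "addr": client_addr, "expires": now + lifetime},
                      sort_keys=True).encode()
    tag = hmac.new(key, body, hashlib.sha256).digest()
    b64 = base64.urlsafe_b64encode
    return b64(body).decode() + "." + b64(tag).decode()

def verify_x_ticket(key, ticket, peer_addr, now):
    """X server side: return the authorised principal, or None to refuse."""
    try:
        body_b64, tag_b64 = ticket.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        tag = base64.urlsafe_b64decode(tag_b64)
    except ValueError:          # wrong shape or bad base64
        return None
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        return None
    claims = json.loads(body)   # parsed only after the seal has been checked
    # A short lifetime and address binding limit what a copied ticket is worth.
    if now >= claims["expires"] or claims["addr"] != peer_addr:
        return None
    return f'{claims["principal"]}@{claims["realm"]}'

if __name__ == "__main__":
    key = new_server_key()
    # Constructed sample values: the requester's identity is assumed to have
    # been authenticated already (by Zephyr in the message's second case).
    ticket = mint_x_ticket(key, "alice", "EXAMPLE.ORG", "192.0.2.10", now=1000)
    print(verify_x_ticket(key, ticket, "192.0.2.10", now=1100))  # accepted
    print(verify_x_ticket(key, ticket, "192.0.2.99", now=1100))  # refused
```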